THE USENIX ASSOCIATION NEWSLETTER 



FROM THE EDITOR 

Love Those Numbers. 3 

USENIX NEWS 

1996 Election for Board of Directors 

by Elite Young . 4 

Report of the Nominating Committee.4 

Request for Proposals.5 

Digest of the USENIX Workshop on Electronic 

Commerce by P. Honeyman .. 6 

Musings from LISA IX by Rik Farrow .19 

Report from LISA ‘95 by Win Bent .21 

USENIX Board Meeting Summary 

by Elite Young .23 

What To Do When You Need A Break.24 

Student Services by Diane S. DeMartini .25 

Community News.25 

A Special Thanks by Elite Young .25 

Watch for.26 


1993 Papers Available on Web Online Library.26 
Seeking Reporters for San Diego Conference... 26 


SAGE NEWS 

From the Editor . 27 

Summary of SAGE Board Activities, 1995 

by Hal Miller . 27 

Security Potpourri by Shawn Instenes .28 

Future Directions: A Report from the LISA ‘95 
Advanced Topics Workshop 

by John E. Schimmel . 29 

Perl Practicum by Hal Pomeranz . 30 

Aspects of Professionalism by Paul Evans . 32 

Avoiding Open-Ended Questions 

by John Ferguson . 32 

SysAdmin at the Movies: Braveheart 

by Nick Cuccia . 33 




CONTENTS 


FEATURES 

Interview with John Ousterhout 

by Rob Kolstad ...34 

TTie Web Master: Context-Sensitive Web Pages 

with CGI by Dave Taylor .36 

The NetBSD Project by Charles Hannum .39 


STANDARDS REPORTS 

An Update on Standards Relevant to 

USENIX Members by Nicholas M. Stoughton... 42 

Open Systems, POSIX, and NT by Stephe Walli 43 


BOOK REVIEWS 

The Bookworm by Peter H. Salus .48 

Creating Cool Web Pages with HTML - 
Reviewed by George W. Leach.50 

SOFTWARE REVIEWS 

Caldera Network Desktop 

Reviewed by David J. Fiander .51 

ANNOUNCEMENTS & CALLS 

1995 USENIX Technical Conference..53 

COOTS ‘96. 56 

Tcl/Tk ‘96.58 

UNIX Security ‘96. 60 

OSDI ‘96. 62 

LISA ‘96.64 

ETC... 

Book Publishers Discount Order Forms.66 

Proceedings Order Form.74 

Local User Groups.76 

Calendar of Events.78 




The UNIX and Advanced Computing Systems 
Professional and Technical Association 














































; login: is the official newsletter of the 
USENIX Association. 

• ;login: (ISSN 1044-6397) Volume 20, 
Number 6 (December 1995) is published 
bimonthly by the USENIX Association, 

2560 Ninth Street, Suite 215, 

Berkeley, CA 94710. 

• $25 of each member’s annual dues is for an 
annual subscription to ;iogin:. Subscriptions 
for nonmembers are $50 per year. 

• Second-class postage paid at Berkeley, CA 
and additional offices, 

• POSTMASTER: Send address changes to 
;login:, USENIX Association, 2560 Ninth 
Street, Suite 215, Berkeley, CA 94710. 

Editorial Staff 

• Rob Kolstad, Editor 
<kolstad@usenix.org> 

• Tina Darmohray, SAGE News Editor 
<Uud@uscTi ix. org> 

• Nick Stoughton, Standards Report Editor 
<nick@i4senix.org> 

• Carolyn S. Carr, Managing Editor 
<carolyn@usenix,org> 

• Monica Jensen, Copy Editor 

• Rhea Gossett, Proofreader 

Membership and Publications 

USENIX Association 
2560 Ninth Street, Suite 215 
Berkeley, CA 94710 
Phone: 510 528 8649 
Fax: 510 548 5738 
Email: <office@usenix.org> 

Contributions Solicited 

You are encouraged to contribute articles, book 
reviews, and announcements to ;login:. Send 
them via email to <login@usenix.org> or 
through the postal system to the Association 
office. Send SAGE material to <tmd@ 
iisenix.org>. The Association reserves the right 
to edit submitted material. Any reproduction of 
this newsletter in its entirety or in part requires 
the permission of the Association and the 
author(s). 

© 1995 USENIX Association. USENIX is a 
registered trademark of the USENIX Associa¬ 
tion. UNIX is a registered trademark in the 
United States and other countries, licensed 
exclusively through X/Open Company 
Limited. The Association acknowledges all 
other trade references made herein. 

;login: is produced with Framemaker 4.0 soft¬ 
ware provided by Frame Technology and dis¬ 
played on an NCD X Terminal, donated by 
Network Computing Devices. The system is 
served by a Sun SPARCsystem 10 server. Final 
output is created by a 600 dpi QMS 860 laser 
printer, donated by Quality Micro Systems. The 
newsletter is printed on recycled paper. 


SAVE THESE DATESI 



Upcoming USENIX Events 




USENIX 1996 Annual Technical Conference 

January 22-26,1996, San Diego Marriott Hotel & Marina, San Diego, CA 

Program Chair; Bob Gray, US WEST 

Invited Talks Co-ordinators: Mary Baker, Stanford University and Ed Gould, Digital 

Equipment Corporation 







USENIX/SAGE at Uniforum 

February 12-13,1996, Moscone Center, San Francisco, CA 

Tutorials on Internet Security, Firewalls, Multi-Threaded Programming and Windows NT, 
and Windows 95 Programming. 





5th UNIX System Administration, Networking, and Security Symposium 
(SANSV) 

May 13-17,1996, Washington. DC 

Sponsored by the Open Systems Conference Board in cooperation with SAGE, FedUNIX, 
and the Escal Institute 

Program Chairs: Rob Kolstad, BSDI and Michelle Crabb, NASA Ames Research Center 

Notification to Authors: December 20,1995; Camera-ready Papers Due: February 24,1996 







2nd Conference on Object-Oriented Technologies and Systems (COOTS) 

June 17-21,1996, Toronto, Canada 

Program Chair: Douglas C. Schmidt, Washington University 

Tutorial Program Chair: Doug Lea, SUNY Oswego 

Tutorial Submissions Due: February 7,1996; Paper Submissions Due: February 13,1996; 
Notification to Authors: March 5,1996; Camera-ready Papers Due: May 17,1996 






4th Annual Tcl/Tk Workshop '96 

July 10-13,1996, Doubletree Hotel, Monterey, California 

Program Chairs: Mark Diekhans, The Santa Cruz Operation, /nc.; Mark Roseman, 

University of Calgary 

Paper and Demo Submissions Due: March 5,1996; Notification to Authors: April 16,1996; 
Camera-ready Papers Due: May 28,1996 






6th USENIX UNIX Security Symposium 

July 22-25,1996, Fairmont Hotel, San Jose, California 

Sponsored by the USENIX Association. Co-sponsored by UniForum in cooperation with 

The Computer Emergency Response Team (CERT), and IFIP WG 114 

Program Chair: Greg Rose, Sterling Software 

Extended Abstracts Due: March 19,1996; Papers Selected: April 15,1996; Camera-ready 
Papers Due: June 10,1996 






10th USENIX Systems Administration Conference (LISA '96) 

September 30-0ctober 4,1996, Chicago Marriott, Chicago, Illinois 

Co-sponsored by USENIX and SAGE, the System Administrators Guild 

Program Chairs; Helen Harrison, SAS Institute; Amy Kreiling, University of North Carolina. 
Invited Talks Co-ordinators: Rik Farrow, Internet Security Consulting; Kimber\yTr\ide\, 
Massachusetts Institute of Technology 

Extended Abstracts Due: May 7,1996; Notification to Authors: June 11,1996; Final Papers 
Due; August 15,1996 










2nd USENIX Symposium on Operating Systems Design and 

Implementation (OSDI) 

October 29-November 1,1996, Seattle, Washington 

Co-sponsored by ACM SIGOPS and IEEE TCOS 

Program Chairs: Karin Petersen, Xerox PARC; Willy Zwaenepoel, Rice University 

Full Papers Due: May 7,1996; Notification to Authors: July 30,1996; Revised Papers Due 
for Shepherding: August 19,1996; Camera-ready Full Papers Due: September 16,1996 





For more information aboul USENIX and its events, access the USENIX Resource Center on the World Wide Web. The URL is 
http://www. usenix. org 
































































































FROM THE EDITOR 

Love Those Numbers 

Returning from the airport this morning, I was struck by the quantity of numbers 
in my life. As I watch the stock market try to sustain itself above DJIA 4800 and 
disk prices plummet below $0.25/MB, it is interesting to observe both the tech¬ 
nological and non-technological datapoints that shape my life. 

Yesterday, Jeff Polk showed me the new 1.0+GB disk for his laptop. It weighed a 
couple ounces (less than 100 grams for our metric readers). It was small, too. 
Easily fits inside a shirt pocket. Sheesh. 

So, in the best imitation of the Harper’s index, here are some of the numbers that 
have shaped my personal life over the last few years as I moved from University 
of Illinois graduate school, to Convex Computers, to Prisma, Sun, and now 
BSDI: 

USENET news, average bytes per day, October 1995: '-450,000,000 
Bytes in feature articles in this issue of ;login :; -170,000 
Hours to drive to RBK’s parents in Oklahoma at 55 mph: 11:49 
Hours to drive to RBK’s parents in Oklahoma at 75 mph: 8:40 
University of Illinois CS Department total MIPS, 1980: -0.7 
RBK’s personal desktop MIPS, 1995: 95 
Rise in Sun Micro Inc. stock price since 1988: -+515% 

Rise in Convex Computer Corp. stock price since 1988: —70% 

Rise in average house prices in Colorado Springs since 1988: -+85% 

Colorado Springs’ housing price index (100 = national average) in 1995; 99.5 

CDs in RBK’s collection in 1988: 3 

CDs in RBK’s collection in 1995: 1488 

Number of BSDI employees in 1991: 2 

Number of BSDI employees in 1995: -30 

Time to typeset page numbers onto USENIX proceedings camera-ready papers 
for Dallas, 1985 conference: -15 hours 

Time to (re-)typeset entire 1995 LISA proceedings in troff; -15 hours 

RK 


USENIX BOARD OF DIRECTORS 

Communicate directly with the USENIX Board 
of Directors, by writing to <board@ 
usenix.org>. 

President: 

- Stephen C. Johnson <scj@usenix.org> 

Vice President: 

• Eric Allman <eric@usenix.org> 

Secretary: 

• Lori Grob <grob@usenix.org> 

Treasurer: 

• Rick Adams <rick@usenix.org> 

Directors: 

• Tom Christiansen <tchrist@usenix.org> 

• Dan Geer <geer@usenix.org> 

• Andrew Hume <andrew@usenix.org> 

• Greg Rose <ggr@usenix.org> 

Executive Director: 

• Elbe Young <ellie@usenix.org> 

CONFERENCES & SYMPOSIA 

• Judith F. DesHamais 
Conference Coordinator 
USENIX Conference Office 
22672 Lambert Street, Suite 613 
Lake Forest, CA 92630 
Telephone: 714/ 88 8649 
FAX; 714 588 9706 

Email: <conference@usenix.org> 

• Zarma Knight 

Vendor Displays, Marketing 
Email: <zanna@usenix.org> 

• Daniel V. Klein 
Tutt)rial Coordinator 
Telephone; 412 421 2332 
Email: <dvk@usenix.org> 

WWW URL: http.’/iww'w.usenix.org 

Automatic Information Server 

To receive information electronically about 
upcoming USENIX symposia & conferences, 
finger <info@usenix.org> and you will be 
directed to the catalog which outlines all avail¬ 
able informatitm about USENIX services. 

USENIX SUPPORTING MEMBERS 

ANDATACO 

Apunix Computer Services 
Frame Technology Corporation 
GraphOn Corporation 
Matsushita Electric Industrial Co., Ltd. 
Sun Microsystems, Inc., SunSoft Network 
Products 

Shiva Corporation 
Sybase, Inc. 

Tandem Computers, Inc. 

UUNET Technologies, Inc. 

The closing dates for the next sub¬ 
missions to the next two issues of 
;login: are December 13/ 1995 and 
February 14, 1996* 


DECEMBER 1995 jlogin : 3 


USENIX Member Benefits 


USENIX NEWS 


As a member of the USENIX Association, 

you receive the following benefits: 

• Free subseription to : log in:, technical fea¬ 
tures, system administration tips and tech¬ 
niques, international calendar of events, 
SAGE News, book and media reviews, 
summaries of sessions at USENIX confer¬ 
ences, Snitch Reports from the USENIX 
representative and others on various 
ANSI, IEEE, and ISO standards efforts, 
and much more. 

• Free subscription to Computing Systems, 
the refereed technical quarterly published 
with The MIT Press. 

- Access to papers from the USENIX 
Conference and Symposia, starting with 
1993, via the USENIX Online Library 
on the World Wide Web 
<http:Uw\vw.usenix.org>. 

• Discounts on registration fees for the 
annual, multi-topic technical conference, 
the System Administration conference 
(LISA), and the various single-topic sym¬ 
posia addressing topics such as object-ori¬ 
ented technologies, security, operating 
systems, electronic commerce, and 
mobile computing - as many as seven 
technical meetings every year. 

■ Discounts on the purchase of proceedings 
from USENIX conferences and symposia 
and other technical publications. 

“ Discount on BSDl, Inc. products. ESDI 
information: 800 800 4BSD. 

‘ Discount on the five volume set of 
4.4BSD manuals plus CD-ROM pub¬ 
lished by O’Reilly & Associates, Inc. and 
USENIX. 

^ Savings (10-20%) on selected titles from 
McGraw-Hill, The MIT Press, Prentice 
Hall, John Wiley & Sons, and O’Reilly & 
Associates. 

• Special subscription rates to the periodi¬ 
cals The Linux Journal (phone: 206 527 
3385), UniForum Monthly, UniNews, and 
the annual UniForum Open Systems Prod¬ 
ucts Directory. 

• The right to vote on matters affecting the 
Association, its bylaws, election of its 
directors and officers. 

- The right to Join SAGE, the System 
Administrators Guild. 

To become a member or receive information 

regarding your membership status or benefits, 

please contact <office@usenix.org>. 

Phone: 510 528 8649. 


1996 Election for 
Board of Directors 

by Ellie Young 
< ellie@usenix. org > 

The biennial election for officers and directors of the Association will be held in 
the Spring of 1996, A report from the Nominating Committee follows. Nomina¬ 
tions from the membership are open until January 29, 1996. The procedure for 
nominations by the membership is a written statement of nomination signed by at 
least five (5) members in good standing (or five separate nominations), to be sub¬ 
mitted to the Executive Director at the Association office, and received by noon, 
PST, January 29,1996. Please include a Candidate’s Statement and photograph for 
inclusion with the ballots as well. 

All nominees are invited to attend the Candidates’ Forum to be held alongside the 
Annual Meeting of the USENIX Board of Directors, to be held sometime during 
the week of the annual USENIX Technical Conference, January 22-26,1996, at the 
San Diego Marriott Hotel (watch comp.org,usenix for information on time and 
location). Members are urged to come to this meeting with their questions! 

Ballots will be sent to all paid-up members on or about February 22. Members will 
have until March 28 to return their ballots, in the envelopes provided, to the Asso¬ 
ciation office. The results of the election will be announced in comp.org.usenix, 
and in the June issue of ;login:. 

The Board is made up of eight directors, four of whom are “at large.” The others 
are the President, Vice President, Secretary, and Treasurer. The balloting is prefer¬ 
ential; those candidates with the largest number of votes are elected. Ties in elec¬ 
tions for Directors shall result in run-off elections, the results of which shall be 
determined by a majority of the votes cast. 

Newly elected directors will take office at the conclusion of the first regularly 
scheduled meeting following the election, or on July 1st, whichever comes earlier. 

Report of the 
Nominating Committee 

The USENIX nominating committee (Mary Baker, Trent Hein, Evi Nemeth, Den¬ 
nis Ritchie, and Brent Welch) has beaten the bushes over the past few months 
searching for a super slate of candidates for the 1996 biennial election of the 
USENIX Board of Directors. In doing so, we have realized that the election process 
needs some tweaking. In particular: 

1) The entire board is re-elected at each election, opening up the possibility for 
more board turnover than is healthy for the organization. Perhaps we need a Web 
interface for voting so that elections could be held each year (at reasonable cost) 
and only half the board would be up for election at any given point in time. 

2) While the nomination process is, in principle, fair; in practice, it is not. The 
nominating committee has too much power; it can favor a person (by nominating 
just them for an officer slot) or discriminate against a person (by running them 
opposite a very popular candidate in an officer slot). This abuse would be avoided 


4 ;login : vol. 20 ■ no, 6 



USENIX NEWS 


by having the members elect the board and have the board 
elect the officers. 

We intend to include a straw poll in the ballot to learn how 
important these issues are to the membership and whether 
we should seek a change to the Bylaws in order to modify 
the election process. 

Two key positions on the USENIX Board are the President 
and Treasurer. The president must provide vision and guid¬ 
ance for the organization, as well as interface with the staff 
and chair the board meetings. Steve Johnson has captained 
the USENIX ship for the last several years, but felt it was 
time to move on and so declined to run again. We thank 
Steve for his many years of dedicated service to the organi¬ 
zation. Our nominee for his replacement, Andrew Hume, 
has been a superb freshman director these past two years. 
We were able to convince him to overcome his modesty and 
and run for president. The enthusiasm and energy that 
Andrew will bring to the presidency will serve USENIX 
well. 

USENIX has enjoyed 4 years of Rick Adams as Treasurer; 
one look at the financial bottom line shows that Rick has 
done a wonderful job. We are sorry to lose Rick (he 
declined to run again), but fortunately Eric Allman has 
agreed to accept the responsibility of providing the over¬ 
sight and attention to detail that this post requires. To this 
mix of old and new directors we add Dan Geer, another 
freshman, as Vice President. For Secretary, we nominate 
Peter Collinson, a long-time member who has been actively 
involved in USENIX and whose experience and insight will 
be a welcome asset. 


applications, and finally geographical diversity including 
overseas representation. 

The USENIX Nominating Committee, 

Chair: Evi Nemeth, University of Colorado 

Members: Mary Baker, Stanford University 

Trent Hein, XOR Network Engineering 
Dennis Ritchie, AT&T Bell Laboratories 
Brent Welch, Sun Microsystems 

Request for Proposals 

SAGE is seeking proposals from authors for another pam¬ 
phlet (as part of its “Short Topics in Sys Admin” series), on 
Systems Security: a Management Perspective. This docu¬ 
ment will serve as a guide for your less- or non- technical 
colleagues and management regarding the need for systems 
security, and the costs associated with security measures (as 
well as the costs of ignoring them). This document is not 
intended to be a technical manual for implementation, but 
rather a guide for security rationale and policy decisions. 

The booklet should run between 20-50 pages in length. 
Some topics that should be addressed are: 

• levels of security (none to completely paranoid) 

• trade-offs between security and convenience 

• cost models (in intangible, as well as monetary terms) of 
implementing common security scenarios vs. costs of 
breakins 


The complete list of candidates nominated follows: 


• internal vs. external attacks; social engineering attacks 


President Andrew Hume, AT&T Bell Laboratories 
Vice President Dan Geer, Open Market, Inc. 

Treasurer Eric Allman, Pangaea Reference Systems 

Secretary Peter Collinson, Hillside Systems 


Director 

Director 

Director 

Director 

Director 

Director 


Ed DeHart, CERT 

Peter Honeyman, University of Michigan 
Doug Kingston, Morgan Stanley 
Pat Parseghian, AT&T Bell Laboratories 
Margo Seltzer, Harvard University 
Elizabeth Zwicky, SGI Corporation 


We were fortunate to get a good mix of excellent, experi¬ 
enced folks and some really terrific new folks, all of whom 
represent important segments of our membership: academia 
vs. industry, low level technology vs. user interfaces and 


• which security vulnerabilities are preventable; technology 
vs. policy 

Case studies or illustrative anecdotes are encouraged. The 
author(s) will be compensated. Proposals should contain 
names and contact info for all authors, a representative writ¬ 
ing sample not to exceed 500 words, a draft outline for the 
pamphlet, and an estimate of how long it will take to deliver 
the manuscript. (The author will not be expected to copy- 
edit, design, typeset, or print the pamphlet. An agreement 
regarding copyright and compensation will be made with 
the Executive Director, subject to approval of the proposal 
by the SAGE Board of Directors.) 

Please address all inquiries and proposals to the Executive 
Director, Ellie Young <ellie@usenix.org> by December 15. 


DECEMBER 1995 flogifl \ 5 



USENIX NEWS 


Digest of the USENIX 
Workshop on Electronic 
Commerce 
July 11-12,1995 

by P. Honeyman 
<honey@citi, umichxdu > 

Abstract 

This two-day meeting was organized to foster interaction 
between the commercial and technical communities engaged 
in the design and deployment of systems of electronic com¬ 
merce. Attendance was by invitation from among those who 
responded to the call for participation. The workshop fea¬ 
tured lightly refereed formal presentations, panel sessions, 
invited talks, and broad, open-ended discussions on techno¬ 
logical and social topics. 

IViesday, July 11,1995 

Ninety-four attendees were invited to the USENIX Workshop 
on Electronic Commerce. In his opening remarks, Program 
Chair Dan Geer set the tone for the conference by requesting 
that participation be spirited, stressing the urgency of solving 
electronic commerce problems before the “cumulative 
investment” of the Internet, more commercial than ever, pins 
down policies that might wreak havoc with privacy, security, 
and needed functionality. 

Keynote address 

Electronic Banking and Electronic Commerce 
on the Superinformation Highway 

Daniel Schutzer, Citibank 

Dan Schutzer is Vice President and Director of Advanced 
Technology at Citibank, and President of the Financial Ser¬ 
vices Technology Consortium. Dan opened his keynote 
address with an overview of the present information infra¬ 
structure for electronic commerce, consisting of the combi¬ 
nation of a number of components (e.g., the Internet, 
telephones, EDI, etc.). Continuing to develop at a rapid pace, 
the resultant information infrastructure may revolutionize 
the way commerce is conducted. Components are provided 
by several different industries that need to integrate their 
products and divide the costs and profits from the resultant 
infrastructure. 

Dan sees both excitement and fear about achieving wide- 
scale electronic commerce. Electronic commerce has the 


potential to break monolithic corporations into smaller, 
more efficient organizations that buy and sell from each 
other via the net. Because so much of the net is free, a shift 
will result in the value-chain between producer and con¬ 
sumer. For example, the net blurs distinction of place, mak¬ 
ing it no more or less efficient to go inside or outside the 
company, so in-house design or production departments 
might bid on contracts just like outsiders. 

Electronic commerce involves everything one can do in the 
physical world: advertising, shopping, bartering, negotiat¬ 
ing contracts and prices, bidding for contracts, ordering, 
billing, payment, settlement, accounting, loans, bonding, 
escrow, etc. Electronic commerce is both a threat and a 
promise - it holds the promise of new markets, channels, 
types of products, and employment, but threatens present 
jobs and personal security. To reduce these fears, the infor¬ 
mation infrastructure should provide privacy, protection of 
intellectual property rights, authentication, authorization, 
non-refutability, and reliable payment structures. 

At the heart of electronic commerce is an act of payment; 
the information infrastructure implements electronic com¬ 
merce primarily by implementing that act. Payment can 
take place in several ways, and many payment methods 
must be supported. At present, there are lots of players and 
protocols. Interoperability among different payment sys¬ 
tems is critical. Without it, fears about the value of different 
electronic currencies will scare customers away. With it, the 
payment process can be automated to reduce costs, which, 
along with ubiquity of service, can improve customer satis¬ 
faction. 

Privacy usually implies anonymity, yet the absence of face- 
to-face social mechanisms for establishing trust exacerbates 
the difficulty in offering secure and trusted payment sys¬ 
tems. And because electronic commerce transactions are 
several orders of magnitude faster than in the physical 
world, if it is easy to cheat someone, even for a very small 
amount, it is easy to do it many, many times over. The costs 
can add up quickly. 

Dan discussed the goals of the Financial Services Technol¬ 
ogy Consortium (FSTC), which identifies applications of 
electronic commerce and guides standards development as 
the marketplace evolves from a paper-based market to a 
more electronic-based market. The FSTC is interested in 
modular standards and open APIs to enable interoperation. 
Standards development is guided by the principle that new 
systems should be at least as convenient as current systems, 
such as ATMs. Electronic currency should be similar in style 
to an electronic check but provide a wider set of payment 
options, such as direct funds transfer and payment on credit. 


6 ;login : vol 20 . no 6 



USENIX NEWS 


The FSTC established the Electronic Clearinghouse, a sys¬ 
tem of electronic checks and imaging of paper-based checks. 
The electronic check system is interesting because there is 
no need for a transaction-time third party (the bank), yet it is 
just like a physical check transaction. Plans are to extend the 
system to cover digital cash, debit cards, credit cards, funds 
transfer, traveler’s checks, barter, etc. 

The imaging of physical checks allows for faster processing 
and lower costs. Point-of-sale check scanning combined 
with online transaction-time verification of the account and 
the amount of the transaction lets the customer tear up the 
check at the point-of-sale: once it has been scanned, it is 
never needed again. Fraud prevention and detection schemes 
need more investigation. Old techniques, such as PINs, may 
not be adequate in the electronic market because they are 
hard for users to remember and easy for computers to break. 
Other techniques, such as neural nets or biometrics (iris 
scanning, fingerprinting, etc.), should be researched. Dan 
concluded that electronic commerce will likely make life 
different but more interesting as well. 

Jacob Levy opened the discussion by questioning whether 
humans will trust a system built on intangibles, especially if 
it includes biometrics. Robert Gezelter expressed concerns 
about legal ramifications. For example, what will stand up in 
court? What if a check image from an imaging system was 
unclear? Is the user liable? To what extent are Uniform 
Commercial Code issues being pushed down to the level of 
consumers? Dan emphasized that many of these questions 
are current research issues but noted that the consumer’s 
world is already full of risks, such as bad checks or counter¬ 
feit cash. 

Richard Field responded that consumers and commercial 
enterprises are in different legal arenas and that the end user 
is often protected in ways that the commercial enterprise is 
not. But new proposals are eroding the protections of the 
consumer. For example, it has been proposed that the liabil¬ 
ity of the consumer on goods purchased with a stolen credit 
card be raised from $50 to $500. And, scarier, a Utah digital 
signatures act makes the user liable for credit fraud if digital 
signatures are used negligently. The problem is that we are 
applying top-level legal concepts to the consumer. 

Lee Parks also noted that the general trend seems to be push¬ 
ing the risk of fraud onto the consumer. For example, many 
banks now state that if you have not objected to your 
monthly statement within 30 days of its issue, all records 
stand as printed. Many commented on the unacceptability of 
this trend in the customer community. Dan agrees that there 
are “a lot of minefields.” 

Cliff Neuman commented that people are willing to give 
their credit card number over the phone to make purchases, 
so perhaps perfect security is not necessary. 


Economy and legal 

Chaired by Alan Nemeth 

Token and Notational Money in 
Electronic Commerce 

L, Jean Camp, Marvin Sirbu, and J,D. Tygar, Carnegie 
Mellon University 

Jean Camp presented the first formal paper of the workshop. 
Her thesis is that electronic commerce necessitates new 
legal and social protocols for handling and processing 
money. New types of currency pose threats that are not 
addressed in current law. Jean provides a useful and com¬ 
prehensive collection of case studies examining the rela¬ 
tionship between buyer and seller, as well as the 
requirements and states of knowledge of law enforcement, 
banks, and observers, for the various types of electronic 
currency. 

A few questions arose regarding nomenclature, e.g., 
whether NetBill is goods-atomic. There was also some dis¬ 
cussion about the best way to view paper transactions. Greg 
Rose suggested that the work be extended to address inter¬ 
national jurisdictions. Eric Hughes surmised that legislation 
to prohibit new types of money laundering is inevitable. 

Economic Mechanism Design 
for Computerized Agents 

Hal R. Varian, University of Michigan 

Hal Varian described issues surrounding economic mecha¬ 
nism design, focusing on auction techniques used in prac¬ 
tice and their applicability to electronic commerce. In the 
discussion, Doug Tygar suggested clever ways to “hack” 
the auction mechanism. Hal offered a “mechanism, not pol¬ 
icy” defense. Jacob Levy explored anonymity in auction 
mechanisms. Hal responded that the value of anonymity 
would be reflected in price differences. 

Can the Conventional Models Apply? The 
Microeconomics of the Information Revolution 

Bruce Don and David Frelinger, RAND Corp. 

Bruce Don argued that the information technology industry 
is invalidating basic legal and regulatory policies and that 
there is not yet a clear paradigm that regards information as 
an economic good. 

In the discussion that followed, Hal Varian suggested that 
we don’t need new economic theories, we just need to read 
economics texts from the back to the front - the good stulf 
is all at the end. 

Marvin Sirbu characterized negligible production cost as 
the key to the economics of software. Dan Schutzer postu- 


DECEMBER 1995 ;login \ 7 



USENIX NEWS 


lated a world of totally free information in which value 
arises from skillful information management. 

Panel Session 

Jean Camp, Bruce Don, Hal Varian, and Jill Ellsworth 

Following brief remarks by Jill Ellsworth, Ph.D., Alan 
Nemeth led a panel discussion among the authors. Jill is an 
author, educator, and consultant working with merchants, 
who are focused more on interoperability than on security. 
Consumers want systems that are easy, fast, and understand¬ 
able. Merchants want the system to work and they want to 
get paid. 

Dan Geer noted a decline in the use of cash, e.g., in grocery 
stores, replaced by credit or debit cards: “Do not underesti¬ 
mate the lure of convenience.” But how can consumers be 
protected from unwitting violations of their own interests, 
e.g., their privacy? Hal Varian feels that they can, with a 
cost. Bruce Don suggested that we may have the opportu¬ 
nity to design the market mechanisms, which ordinarily 
form of their own accord. This may allow tailoring specific 
properties of the market, such as those that relate to privacy. 

Richard Field described privacy as a commodity to be pur¬ 
chased. Hal Varian characterized it as information of the 
form: “What does he know?” 

Ittai Hershman questioned whether consumer issues are as 
important as enterprise issues. Jill noted that business-to- 
business commerce is well under way, even on the Internet. 

Alan Nemeth opened Pandora’s box by suggesting a parallel 
to the battle between FAX and email over the last 15 years. 
More heat than light was shed in response. Much more. 

Payment experience 

Chaired by Steve Dusse 

Internet Information Commerce: 

The First Virtual Approach 

Darren New, First Virtual Holdings, Inc. 

First Virtual Holdings (FVH), which has been online since 
October 15,1994, is in the business of information com¬ 
merce, not goods and services. Darren New described the 
problems with supporting electronic commerce on the Inter¬ 
net. The biggest problem is that the Internet is big. He also 
described quite a few ways in which information commerce 
differs from commerce in real goods. He then described the 
FVH techniques in some detail. 

FVH shies away from cryptographic protocols, which 
present legal problems as well as potentially interfere with 
interoperability and usability. In fact, the FVH protocols 
send no financial information over the net. 


In answer to Robert Simoncic’s question, Darren revealed 
that FVH has over 10,000 customer accounts. Darren did not 
indicate the amount of foreign traffic or how many users 
employ non-IP protocols, such as UUCP. In the early days, 
most of FVH’s business was done through FTP and SMTP; 
now it’s done mostly via the Web. In response to Marvin 
Sirbu’s question about microtransactions, Darren indicated 
that sellers are allowed to accumulate transactions before 
forwarding billing requests to FVH. 

Ben Wright asked about the trust relationship between sell¬ 
ers/customers and FVH. Darren replied that FVH is relying 
on establishing and enhancing its reputation through pres¬ 
ence on the net, 800 numbers, relationships with large ven¬ 
dors, etc. Dave Crocker made a strong pitch for reputation- 
based systems. 

Arthur Keller asked how FVH handles “varying content.” 
This seemed to be a leading question; Doug Tygar was more 
direct and asked what fraction of goods sold are erotic. Dar¬ 
ren replied that FVH does not study the content of the goods 
it sells, it just collects the money. 

In answer to Andy Lowry’s question, Darren suggested that 
potential sellers of hard goods, such as pizza, are routinely 
turned away. 

Eric Hughes mentioned the potential for Domain Name Sys¬ 
tem hacking to subvert the FVH authorization protocol. Dar¬ 
ren confirmed that the potential is there and further that it 
has been observed in practice, whereupon FVH contacts the 
responsible authority (i.e., the hostmaster for the domain). 
This solution may not scale. 

Payment Switches for Open Networks 

D. Gifford, L. Stewart, A. Payne, and G. W. Treese, Open 
Market, Inc. 

Win Treese described the Open Market system for support¬ 
ing electronic transactions. A typical transaction involves a 
Web server with digital offers on it. The customer browses 
the Web, selects her goods, then presents herself to the pay¬ 
ment system to get a digital receipt, which acts as a ticket 
for goods. The ticket is given to the seller, who conveys the 
goods. 

Open Market supportsVarious payment methods, including 
credit cards and purchase orders. Authentication can be 
user-defined, including challenges such as “birth date” or 
“dog’s name.” Despite the desire for total anonymity, pay¬ 
ment is linked to the good being purchased. 

Customer service ordinarily costs several times more than 
fraud, hence it must be automated. To this end, customers 
have access to personal, online, up-to-the-minute state¬ 
ments, eliminating the usual monthly statement. Items on 


8 ;login : vol. 20 . no. 6 



USENIX NEWS 


the statement contain embedded URLs to more detailed 
descriptions of transactions. 

Because Open Market transactions are inherently non- 
atomic, good failure semantics are essential. For example, 
when a customer clicks a button repeatedly, it may or may 
not mean she wants to purchase several copies of the item. 

Answering Hal Varian, Win indicated that Open Market does 
not yet support discounts based on volume or affiliation. 
Mark Seiden asked whether receipts are transferable or sub¬ 
ject to theft. Win stated that tickets contain IP addresses, 
among other things, and claimed that tickets are hard to 
steal, which was met by a general murmur of dissatisfaction. 

Jacob Levy observed that in contrast to PWH, Open Market 
payments take place after goods are delivered. Win noted 
that FVH itself can be used as a payment system. 

John Gilmore complained that he hates shopping, and would 
like a system that gets him the stuff he needs without his 
involvement. Win replied that authentication dictates some 
level of his attention. 

Payment mechanisms 

Moderated by Mack Hicks 

Dan Eldridge, DigiCash and Steve Crocker, CyberCash 

Dan Eldridge offered some brief remarks. Cash is anony¬ 
mous and private. Privacy is good. Privacy, once violated, 
can never be restored. Electronic cash (or coins) is a “bearer 
instrument” in that the value of the item goes with the bearer. 
When cash trades hands, the value of the cash immediately 
belongs to the recipient, in contrast to handing someone a 
check or performing a credit card transaction, wherein the 
value goes to the recipient at some unspecified future time. 

Steve Crocker followed with some remarks of his own. 
CyberCash is also building payment systems for the Internet. 
Their goal is to produce component technology to be inte¬ 
grated into other software products. Their software attaches 
to browsers and servers. The payment mechanism is very 
similar to other current schemes. They also provide a peer- 
to-peer payment structure that does not require the transac¬ 
tion-time involvement of banks. 

CyberCash uses cryptography heavily; credit card informa¬ 
tion goes over the net encrypted. Merchants can neither see 
nor tamper with customer information but are responsible 
for forwarding it to the bank. 

A CyberCash transaction begins when a server makes an 
offer to the consumer. The consumer sends back credit card 
information (encrypted). The merchant sends a message to 
CyberCash to authenticate the customer. CyberCash obtains 


a credit card transaction from the bank. (Question from the 
crowd: “Does it count as a ‘card present' transaction?” 
Answer: “No.”) CyberCash sends a “yes/no” message to the 
merchant, based on authorization from the bank. The mer¬ 
chant sends a receipt to customer. 

Steve emphasized the importance of a safe, efficient, and fast 
mechanism, one that could support small transactions. He 
stated that there are five times as many transactions under 
US$10 than over US$10. 

Mack Hicks initiated the panel session by suggesting that 
payment protocols are less important to banks than whether 
certificates such as X.509 or ANSI X.9 are accepted by other 
banks and payment companies. Steve pointed out that while 
certificate standardization codifies the binding between a 
public key and its certification, banks really want to know 
who you are and whether you will pay your bills. 

Richard Field observed that certification authorities have a 
tricky balancing act: they must limit their risk without losing 
public trust. Mack suggested that certification authority may 
be governmental, reiterating that the process of certificate 
acceptance is central. 

Andy Lowry agreed with Mack and asked Win about liabil¬ 
ity if a merchant key is cracked, because this has the poten¬ 
tial for enormous losses. Win answered that, while keys can 
be invalidated, perhaps based on checking usage patterns, 
this does not solve the liability problem. Dan said that liabil¬ 
ity belongs with the key owner; e.g., if a bank’s secret Digi¬ 
Cash key is compromised, the bank is liable for proximate 
losses. Darren echoed this view, citing recent Utah legisla¬ 
tion that places liability with the owner of a digital signature. 
The crowd responded that 1) this legislation has not yet been 
tested; and 2) this is a good reason to get out of Utah. 

Payment protocols 

Chaired by Clifford Neuman 

NetBill Security and Transaction Protocol 

Benjamin Cox, J,D, Tygar, and Marvin Sirbu, Carnegie 
Mellon University 

Benjamin Cox described the NetBill protocol, designed for 
server-based electronic commerce of low-cost electronic 
items, such as those that would be purchased from a digital 
library. (The initial deployment sites for NetBill are Univer¬ 
sity digital libraries.) NetBill follows a credit-card model 
and is optimized for microtransactions and network delivery 
of goods. NetBill is partnering with VISA and Mellon Bank. 
The NetBill protocol is designed so that authorization, pay¬ 
ment, and goods transfer are efficient, which will reduce 
server load, support high volume and availability, and reduce 
the number of disputes. The goal is for the transaction cost 
itself to be negligible, to provide for zero-cost goods. 


DECEMBER 1995 ; login : 9 



USENIX NEWS 


NetBill transactions provide atomicity, non-refutability, 
access control, and mutual anonymity and privacy to protect 
sellers against buyers and buyers against sellers. Transaction 
atomicity is enforced by a trusted third-party, namely Net- 
Bill. Digital signatures are used for non-refutability. Ker¬ 
beros tickets are used by customers and merchants for 
authentication and access control. NetBill runs the Kerberos 
server. 

Tickets have a non-negligible lifetime, which hampers secu¬ 
rity but improves performance. Public keys are needed for 
digital signatures, so NetBill extends Kerberos to use public 
keys for initial authentication. Ben claims this may remove 
the need for a single, realm-wide Kerberos server. 

A NetBill transaction takes place in three phases: price nego¬ 
tiation, goods delivery, and payment. The customer interacts 
directly with the merchant. A seller can dynamically set the 
price based on the identity of the buyer, offering discounts 
based on demographic criteria, such as “the buyer is a senior 
citizen,” etc. The customer is also allowed to issue a “bid” 
message to the merchant. 

After the merchant and customer agree on a price, the mer¬ 
chant encrypts the goods, sends the encrypted goods to the 
customer, and waits for payment. The key is sent to the cus¬ 
tomer upon payment. A copy of the transaction receipt goes 
to NetBill - the receipt contains a copy of the key - in case 
the merchant refuses to send the key to the customer or if the 
customer misplaces or fails to receive the key. 

Both parties digitally sign the payment receipt, using public 
key cryptography. Certificates encrypted by private key 
replace the Kerberos ticket-granting-ticket. This is just as 
good as a ticket for identifying the customer, as it uses the 
public key to authenticate. 

In the question period following Ben’s talk, Dave Crocker 
suggested that the credential and authorization mechanisms 
used in NetBill are a useful generalization and Ben and his 
colleagues should consider writing an RFC. 

In response to Mack Hicks’ question about the origin and 
form of certificates, Ben stated that NetBill generates the 
certificates. Their final form depends on the outcome of 
negotiations with Public Key Partners, Inc.. Mack suggested 
X.509v3. 

Mack also asked about liabilities in the NetBill system. Mar¬ 
vin Sirbu replied that an issuer or payment processor must 
take liability, i.e., NetBill is liable. Doug Tygar elaborated 
that issues of liability and revocation are clarified in payment 
protocols in which transactions run through a trusted server. 


iKP - A Family of Secure Electronic 
Payment Protocols 

M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, 
M. Steiner, G. Tsudik, and M. Waidner, IBM Watson Re¬ 
search Laboratory and IBM Zurich Research Laboratory 

Hugo Krawczyk described iKP, a family of secure multi¬ 
party payment protocols based on RSA-1024 cryptography. 
Modeled on the credit card system, iKP has buyers, sellers, 
issuers, acquirers, and a clearing house. iKP also supports 
the notion of a gateway, which translates electronic pay¬ 
ment requests into clearing house and authorization tasks. 

The iKP family consists of 1KP, 2KP, and 3KP. In 1KP, only 
the gateway possesses a public and private key pair. 2KP 
provides merchants with keys; 3KP offers full multiparty 
security by issuing public/private key pairs to customers, as 
well. The choice of protocol is based on the security 
requirements of the application. In general, the protocol’s 
security guarantee is strengthened by requiring that more 
parties in the transaction possess and use public key pairs. A 
family of protocols such as iKP allows for gradual deploy¬ 
ment as infrastructure requirements are met. 

A Set of Protocols for Micropayments 
in Distributed Systems 

Lei Tang, Graduate School of Industrial Administration, 
Carnegie Mellon University 

Lei Tang believes that Internet electronic commerce traffic 
will require micropayments (US$1 or less), and has devel¬ 
oped several protocols to support microtransactions. He 
uses a simple accounting structure and cheap encryption 
techniques to keep transaction overhead down. 

Lei compared the transaction cost of security requirements, 
symmetric and asymmetric cryptosystems, and payment 
models. He concluded that security is necessary to keep 
transaction cost low, that computational intensity and patent 
licenses make public keys too expensive, and that a debit 
payment model is simplest. He then presented three proto¬ 
cols that implement these requirements. 

Following Lei’s talk, Doug Tygar argued that Lei’s proto¬ 
cols are neither goods-atomic nor money-atomic, and that a 
failure could result in an inconsistent state, such as the dis¬ 
appearance of money. Lei responded that modifications in 
the protocols could extend them to meet that requirement. 

Design Considerations for Lightweight Elec¬ 
tronic Payment Mechanisms 

Mark Manasse, DEC Systems Research Center 

Mark began with some back-of-the-envelope computations. 
There are 31.5 million seconds in a year, so a computer that 
costs US$150K per year to run necessitates a revenue 


10 ;login : vol 20 . no 6 



USENIX NEWS 


stream of one-half a cent per second (assuming constant traf¬ 
fic). If a financial agent skims 2% of the revenue, the flow 
must be 25 cents per second for the agent to make money. 
Assuming bursts come in a 10:1 ratio, this requirement is 
actually US$2.50/second. Assuming the computer can per¬ 
form 10 encryptions per second, the minimum granularity of 
a transaction is thus US$0.25. 

Improving the granularity of transactions to one cent 
requires the ability to support 250 transactions per second. 
To do better than this, say one-tenth cent granularity, 
requires lumping transactions together, reducing the cost of 
cryptography, or relaxing some of the guarantees, such as 
non-refutability, anonymity, or reliability. 

Mark then presented Millicent, which uses scrip to support 
“femtopayments”: very lightweight transactions whose costs 
are fractions of pennies. Millicent is designed for transac¬ 
tions such as a payment per Web access, per stock quote, or 
per index query. Millicent sacrifices anonymity and non¬ 
repudiation to accomplish its ends. 

Millicent is a broker that issues unforgeable scrip in large 
amounts, say US$5, but broken down into small units, each 
with a unique identifier. Scrip is issued for use with a spe¬ 
cific merchant. The merchant verifies that the customer 
spends each identifier no more than once. Scrip that expires 
can be refreshed by the broker. 

The question and answer period for Mark’s talk was lively as 
participants tried to grasp the details of Mark’s system and 
compare the four systems discussed. Jill Ellsworth asked 
Mark if concern about government regulation is important in 
micropayment systems. Mark responded that he has no defi¬ 
nite information on the government’s interest in micropay¬ 
ments. There was a flurry of responses (most from Marvin 
Sirbu) that the government is worried about the broad use of 
encryption, but not its narrow application to electronic com¬ 
merce. The current status is that the transfer of bulk 
encrypted documents is legal, but the export of encryption 
technology is not. 

Win Treese wanted to know how a 5% sales tax would be 
handled on a l/lOOth cent purchase. The consensus was to 
round down. 

Doug Tygar suggested that it is difficult to differentiate 
between so many protocols in one session, especially ones 
that seem to occupy very different regions of Jean Camp’s 
taxonomy. Cliff Neuman felt that we will have to wait and 
see how the various systems behave in large volume. Doug 
added that even though STT appears inappropriate for 
microtransactions, it should also be considered, because with 
it, VISA and Microsoft will control a large chunk of the mar¬ 
ket. 

Robert Gezelter asked how a merchant can tell whether scrip 
is legitimate and how payment authorization is accom¬ 


plished. Mark responded that the scrip is merchant-specific 
and that transactions are pre-authorized. Robert questioned 
whether current laws permit issuance of private scrip. Rich¬ 
ard Fields suggested that it is allowed. 

Dinner speaker 

Marty Tenenbaum, Enterprise Integration Technologies 

Marty Tenenbaum opened his after-dinner address with the 
observation: “It’s been a hell of a year for the Internet... 
and you ain’t seen nuthin’ yet!” A year ago, when Com- 
merceNet started, people said Internet commerce was either 
illegal or immoral. Now, according to The Economist, it’s 
bigger than the telephone and approaches the printing press 
in its impact to society. The Web has unleashed the Internet 
marketplace, and, with the new influx of security into the 
Web, we’ll really see commerce sprout. 

CommerceNet was bom in February, 1993 at the Sheraton 
New York (coincidentally, the workshop meeting place), 
during a meeting of the Technology Reinvestment Program. 
It is a consortium of over 120 American companies, such as 
Citibank, IBM, MCI, Netscape, UC Berkeley, and Wells 
Fargo. CommerceNet is growing at the rate of about 10 new 
companies per month, with basically no marketing. A Com¬ 
merceNet Japan chapter is also starting. CommerceNet has 
working groups exploring, developing, and exploiting 
emerging technologies. Most of the action takes place in 
these working groups. 

CommerceNet provides a brokering function by disseminat¬ 
ing multimedia catalogs, hypermedia browser starter kits (a 
service no longer felt to be necessary), ISDN connectivity 
and networking hardware and software; specialized directo¬ 
ries, i.e., those not obviated by Yahoo and Lycos and their 
ilk, security (encryption and authentication), and payment 
services (credit cards, debit cards, checks). All this works to 
support collaborative engineering products. 

CommerceNet hopes to replace EDI, which requires prior 
arrangements between trading partners, with Internet store¬ 
fronts based on Web browsers. Marty described PartNet, a 
place where parts are available, and the Internet Shopping 
Network, which replaces rooms full of “operators standing 
by” with Web servers. 

The impact of electronic commerce in the short term will be 
to cut costs, shrink development cycles, and streamline pro¬ 
curement. The long-term outlook is the atomization, or dis¬ 
integration, of vertical companies into ones offering core 
competencies in niche areas, outsourcing the rest. This will 
empower small businesses, niche publishing, and tiny mar¬ 
kets and will lead to new information services, such as risk 
management, and brokers to bring buyers and sellers 
together. 


DECEMBER 1995 ;login : 1 1 



USENIX NEWS 


Wednesday, July 12,1995 
Technology 

Moderated by Peter Honeyman 

Smart Catalogs and Virtual Catalogs 

Arthur M. Keller, Stanford University 

Arthur Keller opened by asserting that the ability to locate 
things on the net is just as important as transaction security 
and payment for goods+. 

Current online catalogs use the Web, in which documents are 
typically menus pointing to other documents. Each vendor 
maintains its own menus, an approach that has limitations: 
it’s hard to find what you want when the menus are orga¬ 
nized by company as opposed to by product. For example, it 
is not possible to query www.printers.com for a cross-listing 
of references to every commercially available printer. Fur¬ 
thermore, there are no standards for organizing information, 
so each catalog has its own unique structure. In addition, 
there is often no facility for searching by content and no sup¬ 
port for cross-catalog searching. 

Some of the queries we might want to issue include: “Give 
me a list of local dealers for the HP DeskJet 1200C Post¬ 
Script printer;” “Give me a list of all HP printers for the 
Macintosh;” “Notify me whenever someone announces a 
color PostScript printer for the Macintosh less than $3000;” 
or “Give me a list of any merchant’s color PS printer under 
$3000.” 

Support for these types of transactions requires distributed 
searches, support for “reverse” or content-based search, e.g., 
to look for printers or disk drives, not product names, sup¬ 
port for heterogeneous information sources, getting the 
information from the horse’s mouth, e.g., get information on 
Hewlett-Packard printers from HP, not from someone else, 
and cross-searching of multiple catalogs. 

The CommerceNet Smart Catalog project supports all of 
these requirements. The system is composed of distributed 
agents that speak a common language and translate between 
it and the individual languages of the merchant catalogs 
(such as SQL, etc.). 

The system also allows distributors to make “virtual cata¬ 
logs” based on smart catalogs. By pointing its virtual catalog 
at the smart catalogs of its manufacturers, a distributor can 
provide a consistent interface to its customers. The interface 
can also be more complete, as it avoids handing off control 
to the manufacturer, which presents a problem if information 
must be transferred back to the distributor’s catalog service. 

CommerceNet queries to manufacturers result in informa¬ 
tion in forms like product description = <text>, product pic¬ 

12 ;login : vol 20 . no 6 


ture = <gif>, product specs = <text>, etc. An intermediate 
browser, virtual catalog, or CAD tool can do with the infor¬ 
mation as it pleases, allowing distributors to customize and 
personalize their Web page layouts and organizations. 

The system also contains Facilitators, or intermediary 
agents along the lines of X.500 directory agents, responsi¬ 
ble for keeping pointers about specific product types, such 
as TOASTERS or PRINTERS or FOOD. Finally, Smart 
Catalogs support Ontologies. There must be standard lan¬ 
guages/grammars for each product type available via the 
system. Standards organizations will define the highest- 
level languages, and every database must use the defined 
names for item labels. Lower-level languages, as needed per 
specific product, can be defined by the manufacturer of the 
product. 

Robert Simoncic asked whether CommerceNet offers a new 
way to get into price wars. The distributor does not need to 
stock the product, so what stops each manufacturer from 
bidding down at transaction time? Arthur speculated that 
new business and commerce models will appear for pre¬ 
cisely this reason. 

Alan Nemeth pointed out that caching the results to queries 
may be a problem if these results don’t remain valid for too 
long. Arthur agreed that this is important and will be looked 
at when virtual catalogs are built. 

Robert Gezelter asked about bottlenecks and system over¬ 
load. Arthur joked that when you know an important bid is 
coming, you could swamp your competitor’s catalogs with 
queries. In seriousness, he advised that it is possible to put a 
filter on the system, or send information out only to 
accepted endpoints, but this is also future work. 

Safe Tel: A Toolbox for Constructing 
Electronic Markets 

Jacob Levy and John Ousterhout, Sun Microsystems 
Laboratories 

Jacob Levy spoke about electronic meeting places and 
using Safe Tcl to build them. Electronic meeting places are 
virtual spaces where mobile agents (represented by 
code+state) can run. The spaces have persistent state and 
provide a consistent view to all of the mobile agents cur¬ 
rently in a room. Possible uses include advertising and com¬ 
merce, social interactions, integrated currency, advertising 
methods, ordering and delivery of goods, etc. 

Safe Tcl offers a way to run these electronic meeting places. 
Safe Tcl handles multiple address spaces within a single 
process by running a different Tcl interpreter in each 
address space. This allows execution of code that is not 
trusted or of communicating scripts that do not trust one 
another. System calls and IPC requests are processed by 
intermediary agents that allow actions based upon authenti¬ 
cation. 



USENIX NEWS 


A Safe Tcl environment has a hierarchical structure in which 
parent threads create children threads. Each thread is a sepa¬ 
rate Tcl interpreter. An interpreter’s execution restrictions 
are set by its parent. Children must trust the parents, but the 
parents do not trust the children. 

Safety is provided by ensuring that only known good code is 
run by unrestricted interpreters. Untrusted code is run by 
restricted interpreters. 

In Safe Tel’s underlying trust structure, trust is not based on 
where code is from, it relies on who code is from, authenti¬ 
cated using digital signatures. 

Multiple interpreters with different restrictions isolate con¬ 
current executing scripts. Removing functionality makes 
them safe from each other. 

Open problems in safe execution include protecting a mobile 
application (a script that moves between meeting places) 
from the hosts, persistent scripts, and the absence of stan¬ 
dards. 

Ben Cox asked about combining safe elements in unsafe 
ways, for instance, a pop-up box that asks for the user’s 
credit card number and then relays the information to some¬ 
one else. Jacob replied that the problem of user gullibility is 
something that he plans to address. 

Arthur Keller asked how Safe Tcl decides what scripts run 
on which interpreter. For example, you don’t want a privi¬ 
leged interpreter to be able to grant person A file access to a 
script written by person B. Jacob responded that scripts are 
authenticated as if they are the actual person; a script cannot 
do things that the person cannot. 

Developing and Deploying a Corporate-Wide 
Digital Signature Capability 

Diane E, Coe and Frank J. Smith, The MITRE Corporation 

Diane Coe described current cryptographic efforts at MITRE, 
which include digital signatures, a key management system, 
distributed authentication, and a system integrating these 
various aspects. MITRE’s interest in digital signatures stems 
from a belief that they can help lead to the paperless office 
and thus save time and money. 

mitre’s efforts are based on the RSA ESAFE toolkit, using 
RSA for authentication and MD5 for hashing. SIGN and VER¬ 
IFY functions are part of a software package that is easily 
embedded into other applications. 

MITRE uses a key management system integrated with the 
X.500 directory structure for authentication. Users go to a 
key generator for a key. The generator places the key and a 
certificate onto a floppy disk or smartcard. The certificate is 


also stored in a certificate database and in the user’s X,500 
entry. 

MITRE uses Kerberos-based distributed authentication. This 
provides single sign-on capability using Kerberos creden¬ 
tials and passwords for proprietary and residual systems. 
They are moving from floppy disk to smartcards for security 
reasons. 

MITRE has run into horrible interoperability problems: only 
rarely can credentials be shared between different systems. 
Most products are not open and the ISO smartcard standard 
is still evolving, so interoperable products are only just 
emerging. 

MITRE’S Kerberos realm ends at the edge of MITRE. To 
communicate with the rest of the world, MITRE has followed 
the relevant standards: X.500, X.509, Kerberos, RSA, etc., 
but there is not yet any advantage to having done so. Credit 
card companies are building their own systems and digital 
signature capabilities; MITRE fears it will need a different 
smartcard for each bank: “Everyone says they’re singing 
from the same sheet of music, but they’re not singing the 
same song.” 

Marvin Sirbu asked whether the fact that a token contains 
only one key-certificate pair means that you need a smart- 
card for every certificate authority. Diane responded that this 
depends, e.g., on whether VISA uses your key or issues their 
own. Marvin suggested that if you can set up the token so it 
can hold multiple certificate-key pairs, then you solve the 
problem. Greg Rose suggested that you get a certificate-key 
pair out of each token and put them into a universal one. 

Greg asked Diane why MITRE didn’t go to a hierarchical 
system instead of one certificate authority. The answer was 
simple: cost. 

In response to Juan Rodriguez’ question, Diane confirmed 
that the date on the floppy signature is protected by user 
password encryption. 

Answering Arthur Keller, Diane said it is impossible to mas¬ 
querade as someone if you find their floppy or smartcard, as 
you also need their PIN/password to unlock the smartcard. 

John Gilmore wondered why MITRE chose the ISO smart- 
card over PCMCIA, as the latter offers access to many more 
readers. Diane responded that the smartcards fit into 
MITRE’S existing badge readers. 

Bob Gezelter asked whether the credentials in the smartcard 
go over the network. Diane agreed that would be a huge 
security hole, and stated that the credentials are read by the 
card reader but go no further than that in the clear. 


DECEMBER 1995 ;login \ 1 3 



USENIX NEWS 


Extensions 

Chaired by Marc Donner 

Digital Notary 

Stuart Haber Bellcore 

Stuart Haber described Surety Technologies, a commercial 
spin-off from Bellcore whose initial product is a digital 
notary, used to prove that a given document existed in a cer¬ 
tain form on a certain date. A sample use is notarized elec¬ 
tronic lab notebooks to defend a patent. 

Stuart provided a concise overview of the operation of the 
notary. Customers convey digital documents to Surety. Peri¬ 
odically, Surety constructs a binary tree, with the MD5 hash 
of each document stored at the leaves. The interior nodes are 
also labeled with hash values constructed from the combined 
values of the node’s immediate children. The value of the 
node at the root of the tree is published (in the Sunday New 
York Times). Each customer is then given the hash value of 
her leaf document, as well as the hash values of all nodes 
adjacent to the nodes on the path from root to (customer) 
leaf. With these hash values in hand, the customer can prove 
that her document contributed to the published hash value. 

The hash function is one-way, so possession of a collection 
of values that produce the published hash value is firm evi¬ 
dence that the customer’s document existed prior to the pub¬ 
lication date. Furthermore, because the hash values are 
constructed in a tree, the number of values returned to the 
customer is equal to the height of the tree, so the procedure 
scales with the log of the number of documents. Additional 
scaling can be had by allowing local servers to build their 
own trees, transmitting the root hash value to a Surety tree. 
The system has no keys to compromise and appears to be 
extremely secure. 

In answer to Richard Field, Stuart reiterated that Surety need 
not retain copies of the documents or even the intermediate 
or root hash values. The customer is given all the tools and 
values necessary to recompute the root hash value. 

Generic Extensions of WWW Browsers 

Ralf Hauser and Michael Steiner, IBM Zurich Research 
Laboratory 

Ralf Hauser described the need for a “snap-in” product to 
put into Web browsers that offers security and payment 
methods. He found that this is not really possible: you need 
to modify servers or add processes to systems. Ralf went on 
to describe a better way to architect Web browsers, but the 
audience resisted the notion of changing everyone’s browser 
or even considering more work in this area when Java and 
Safe Tcl are just now appearing. 

The initial goals of generic extensions to WWW were to sup¬ 
port iKP security without modifying browsers. Current 


needs include security when making purchases. Several 
possible architectures were described. One relies on MIME 
to invoke a local payment client, which contacts a payment 
server to complete the actual purchase. This does not easily 
admit post-processing. Another architecture uses a proxy 
Web server that intercepts and processes payment requests; 
firewalls can make this quite challenging. 

Ralf argued in favor of a generalized architecture, which 
includes an extensions manager, passive extensions such as 
filter viewers, and active extensions such as remote control¬ 
lers. The extension manager handles not only MIME, but 
also HTML as an HTML-viewer extension. 

John Gilmore asked how to accomplish these ends in a way 
that is not specific to any particular browser. Ralf answered 
that, while binary compatibility is required, it’s as generic 
as MIME. Rohit Khare elaborated by comparing to CGI, 
which differs among the various platforms. But John would 
not be satisfied with anything less than Java or Tcl. 

Rohit asked about versioning for the client-side, to make 
sure the latest version of security is being used. Ralf sug¬ 
gested placing the version number in the MIME type, as the 
architecture is transparent to that issue. 

Andy Lowry observed that the generic extensions approach 
doesn’t push in a direction for patching together distributed 
applications, especially long-lived ones, and gave the IBM 
SOM product as an example. Ralf felt that because HTTP is 
stateless, SOM could be supported under the architecture. 

Andy followed up by suggesting the importance of long- 
lived processes internal to an organization. Ralf responded 
that the work described here is in the vein of a browser and 
renderer; long-lived processes can be launched from the 
browser, but anything more is beyond its purview. 

Secure Coprocessors in Electronic 
Commerce Applications 

Bennett Yee andJ.D, Tygar, Carnegie Mellon University 

Bennett Yee characterized the fundamental problem of elec¬ 
tronic commerce as the distribution of security and argued 
that hardware should play a role. Secure coprocessors are 
capable of solving some of the problems that software solu¬ 
tions can’t. 

A secure coprocessor is a standard microchip and some 
NVRAM in tamper-proof packaging. Potential form factors 
include chips (such as the infamous Clipper/Capstone), 
smartcards, or PCMCIA. Bennett maintains that technology 
for physically secure hardware is a reality. 

A secure coprocessor is a safe place to store cryptographic 
keys as well as to do some computation. In one application, 
a secure coprocessor can be used to fight software piracy by 


14 ;login : vol . 20 . no . 6 



USENIX NEWS 


enabling delivery of encrypted software. The secure copro¬ 
cessor holds the crypt key and runs the decrypted code. 
Everything sent to the host machine, including paged data, is 
encrypted before it goes out. This scheme protects applica¬ 
tions, but not data. For example, a protected picture must be 
decrypted to view it, at which point the protection may be 
lost. 

A secure coprocessor provides a very simple scheme for 
electronic money: the coprocessor knows how much money 
it has allocated to it, and tampering results in loss of cash. 
Such a system can be much safer than DigiCash, where it is 
possible for a merchant to not receive the packets necessary 
to reconstruct the money (and here, Bennett gave an 
extremely effective demonstration of the fragmentation of 
digital money over the net by ripping up a dollar belonging 
to Ben Cox), or to pretend that it never got the packets. 
Using secure coprocessors, neither side of a transaction can 
be tampered with and protocols can be run as transactions, 
with ACID properties guaranteeing that money is either 
transferred completely or not at all. 

Point-of-sale is another potential application, using a secure 
coprocessor as a debit card. To protect against Trojan-horse 
merchant systems, the coprocessor should allow the cus¬ 
tomer to enter a password to approve the withdrawal of 
funds and to verify the amount. Bennett described a simple 
method for ensuring that the merchant system does not get 
the password: the coprocessor displays a random string and 
the customer uses arrow keys on merchant’s system to 
change the values to the correct password. 

A secure coprocessor also allows transmission of sensitive 
materials to other processors using public key encryption. 
Such a scenario appears to be impossible with Safe Tcl or 
Java. 

Mack Hicks asked whether secure coprocessors can offer 
virus protection. Bennett answered in the affirmative, and 
outlined one scheme. 

John Gilmore asked how to protect users from malicious 
cards that do not allow them to “read the code.” There seems 
to be no satisfactory answer, but Bennett favors openness. 
Eric Hughes delved into atomicity issues in communications 
between coprocessors over unreliable networks; Bennett 
referred him to the literature on two-phase commit proto¬ 
cols. 

The DigiBox: A Self-Protecting Container for 
Electronic Commerce 

O. Sibert, D, Bernstein, and D, Van Wie, Electronic Publish¬ 
ing Resources 

Olin Sibert argued that one of the requirements of electronic 
commerce is a container mechanism that protects itself as 
well as its contents from tampering. For example, currently 


an author writes a book, or an artist composes music, etc. 
When it comes to being reimbursed for the actual number of 
copies produced and sold, the creator of the work is at the 
mercy of the publisher, with no way to ensure that the num¬ 
ber of copies the publisher claims is the number of copies 
actually out there. This is compounded by consumers mak¬ 
ing their own copies of the work, cheating the copyright sys¬ 
tem. How can the rights of the creator be protected? 

One of the main disincentives for breaking copyrights is 
purely physical: the price of a book is generally lower than 
the hassle to sit at a copier for the many hours it takes to 
make the copy. The computer and digital information tech¬ 
nologies open up new ways to be exploited, but also open up 
new ways to protect copyrights. 

Olin described DigiBox, a generalized container that holds 
and protects arbitrary information content. Users pay for the 
keys before the container will hand over contents. Contain¬ 
ers can hold many different items, e.g., several books, mov¬ 
ies, audio recordings, and divulge only one part at a time. 

A complex key management system allows portions of the 
keys to be divulged, with items in the container being 
encrypted by several different key fragments. 

Olin’s scheme uses selective encryption for performance 
reasons: encrypting a small fraction of an MPEG file makes it 
just as useless as one that is fully 100% encrypted. For 
audio, the entire file is encrypted, but the key changes peri¬ 
odically. Each key can be less secure (for faster implementa¬ 
tion) but the net effect is no loss of security. 

DigiBox has many applications, such as discount coupons, 
key escrow, arbitrary content, etc. 

Noting that the key mechanism is extremely complex, Marc 
Donner asked what sort of attacks it is meant to defend 
against. Olin responded that DigiBox allows multiple copies 
of a mass-produced product to have different keys for open¬ 
ing it. Part of the complexity is to ensure that one divulged 
key can not open every copy of a container. 

John Gilmore cautioned that software and keys don’t mix 
very well in the real world. Olin suggested that an approach 
that combined DigiBox and secure coprocessors might offer 
more stringent security. 

Kerberos Plus RSA for 
World Wide Web Security 

Don Davis, Consultant 

Don Davis, veteran security guru from the Kerberos project, 
described his displeasure with other Web security systems 
and suggested an approach that combines strange bed-fel¬ 
lows Kerberos and RSA with minor protocol enhancements. 
Don’s gripe with SSL is that it doesn’t authenticate servers, 


DECEMBER 1 995 ;login \ 1 5 



USENIX NEWS 


just clients, which may leave consumers vulnerable to credit 
card fraud. SHTTP, on the other hand, makes too many 
homogeneity assumptions, forcing both sides to use either 
public keys or Kerberos. 

Don’s scheme requires some changes to the Kerberos proto¬ 
cols. Touted advantages include obviating the necessity of a 
key database (thus diskless operation) and improved revoca¬ 
tion. The scheme seems to have many administrative and 
performance advantages. 

In an interesting side-comment, Don recently discovered and 
documented an oversight in the Kerberos protocols: it turns 
out that Kerberos client clocks don’t need to be synchro¬ 
nized. 

Bennett Yee asked about Trojan horse attacks in distributing 
patches; the crowd responded “CERT.” Don pointed out that 
distributing patches is an iffy way at best to correct existing 
ills, as there is no certainty that vulnerable sites will install 
patches; in fact, bitter experience proves otherwise. 

Luncheon speaker 

Alliance Ecology: A Key to Strategic 
Success in Electronic Commerce 

Bud Mathiasely Ernst & Young 

Bud Mathiasel, Director of Multimedia Consulting Services 
for Ernst & Young, opened by asking the audience: “Who 
will benefit from a global multimedia market?” The answers 
included Microsoft, Sony, Netscape, Disney, SGI, AT&T - all 
the usual suspects. Bud maintains that no one will do it 
alone, and offered many examples of the alliances being 
formed among information technology players, as everyone 
realizes the risks in going it alone. 

As bandwidth grows, so does the complexity of its use, as 
applications take advantage of its potential. Bud identified a 
general trend, which he called “disintermediation” - the 
removal of intermediary points between context, content, 
and infrastructure. (This is similar to Marty Tenenbaum’s 
notion of dis-integration of vertically integrated manufactur¬ 
ers.) As an example, Bud observed that automated teller 
machines eliminate tellers, giving customers a more direct 
association with their banks. 

Other trends are the movement from marketplace to “mar- 
ketspace” and from “clockware” to “swarmware.” Peter 
Honeyman to Andrew Hume: “Kill me now.” 

In general. Bud’s comments left folks reeling. There were 
many polite, but confused, questions. Jacob Levy was heard 
to observe, “What he’s saying is that we want a kinder, gen¬ 
tler marketplace.” 


Electronic commerce in the real world 

Moderated by Win Treese 

Darrell Davisy Lombard Technology Group; Andy Lowry, 
Morgan Stanley; Howard Alt, Sun Microsystems 

Andy Lowry began by describing Morgan Stanley, which 
carries out extremely high-value transactions for a small cli¬ 
ent base in a highly regulated market. Morgan Stanley uses 
the Internet for commerce, in part because of “a critical 
mass of clients and business partners there” and is now 
exploring the use of the Web as a generic service delivery 
platform already in place with a clean split between client 
and server. Using the Web is also good for corporate public 
relations. 

The big question, naturally, is security. Authentication and 
authorization are absolutely critical. If unauthorized people 
back out on large transactions, Morgan Stanley is stuck with 
the costs. The solutions being employed include key 
escrow, trust management, and risk management. 

Open questions abound, such as the liabilities when a trade 
is based on a certificate whose key has been compromised, 
or how to place performance guarantees (time of delivery, 
or even delivery at all) on the net. For example, if someone 
submits a TRADE message just before the close of the mar¬ 
ket, and the delivery of the message happens after the close, 
who is responsible? Answering his own question, Andy 
suggested that insurance, classic risk management, will play 
a role. 

Next, Darrell Davis described some of the challenges faced 
by Lombard Technology Group, which will soon be selling 
stocks and other instruments through the Web. Lombard 
uses the Netscape commerce server through a firewall to 
provide portfolio management for its clients. 

Some of the challenges faced when a naive management 
decides to go mission-critical with a new and popular ser¬ 
vice include a boss who is gung-ho about performance but 
not about security, neglecting customer support in initial 
plans, requiring developers to be pulled off other work, pro¬ 
viders that don’t support SSL or even Web browsers, and 
exponential growth in traffic. 

Howard Alt spoke next, explaining that Sun sees a different 
picture of the world. Sales do not go to the customer: they 
go through channels. The sales channel creates demand and 
enables volume. When you bypass your channels, you 
aggravate them. It is a bad thing to aggravate sales chan¬ 
nels. 

Sun regards the Internet as a means of delivery, not a chan¬ 
nel, and wants their electronic agreements to include sales 
channels. He also pointed out that while Sun wants copy 
protection, key-based service denial is not their goal. (It is a 


16 ;login : vol. 20 • no 6 



USENIX NEWS 


problem when a customer has bought a software package but 
cannot run it because the license server is down.) 

Black-box technology is bad; magic secrets are not reason¬ 
able in the real world. It is hard to control too many secrets. 
In contrast, the cryptography people got it right: the algo¬ 
rithms are public knowledge, the implementations are public 
knowledge, only the key is secret. Limiting the number of 
mysteries is a worthwhile goal. 

In the panel discussion, Darrell reported that Lombard 
receives about 100,000 HTTP requests per day, about a third 
of them for stock quotes, and the rest for graphs. 400 
requests per day for new account information is typical, and 
about a quarter of these result in new customers. Lombard’s 
server generates graphs dynamically with Gnuplot, which is 
killing the system, as is a horribly slow RAID 5 system. 
Other than that, the server has sufficient capacity. 

Darrell would like to have better tools for authentication. 
Lombard uses account number and password, similar to 
other trading companies, and not challenge-response 
because it is hard enough to get clients to plug in their 
modems and use the right browser. 

Rohit Khare asked why we are content with weak security 
on the phone and yet we expect so much from the Internet. 
Bob Gezelter replied that it is easy to tap into the net and 
overhear thousands of circuits, but tapping a phone line taps 
only one circuit. 

Andy observed that we’re going to have a very rich set of 
certificates in the future. Howard noted that while the Web is 
great for retrieving information, it lacks management tools 
and standards necessary for commerce. Mark Seiden sug¬ 
gested that stable URLs are a valuable asset, just like a stable 
800 number. 

Breakout sessions 

In the breakout session, the workshop broke into small dis¬ 
cussion groups to address issues of liability, offshore juris¬ 
dictions, privacy vs. anonymity, and intermediate success 
and failure in economic commerce. The workshop then 
reconvened to discuss these issues in the larger forum. A 
panel with one representative from each group was formed 
by Ittai Hershman, Jacob Levy, Peter Honeyman, Dan Geer, 
and Eric Hughes. 

Who IS liable? 

Eric Hughes’ answer was simple: someone else. Ittai Hersh¬ 
man suggested that laws have always been slow to adapt to 
new technologies; we need to think in terms of the credit 
card paradigm (which includes a customer, a merchant, and a 
bank). As far as liability, people will sue the person they 


think can and will pay. Joe Arceneaux offered a comparison 
to hazardous goods, where a broad spectrum of risk-alloca¬ 
tion methods are already in place. 

Dan Geer offered a new perspective; the person who needs 
to believe is liable. If I need to trust a fact and it turns out 
false, I am liable. If the fact is backed by a guarantee, and the 
guarantor needs to believe something else (like the customer 
will pay, or the customer has been authenticated), the guar¬ 
antor is liable. Ben Cox noted the similarity to PGP’s “web 
of trust.” 

Lee Parks suggested that this is similar to a consumer’s 
responsibility to protect her credit card and PIN number; it is 
her obligation to report the theft of her card immediately. 

Lee offered a question from the hard-boiled school; When 
bad things happen, who will the legal system point the finger 
at? 

Richard Field held that the belief argument is circular: 
you’re liable because you need to believe, and you need to 
believe because you are liable. Ittai Hershman observed that 
courts are likely to go with precedence rather than shift to 
new, untested rulings. Eric Hughes made a comparison to 
warrants in existing systems: a check implies the existence 
of funds in your account. 

Peter Honeyman argued that liability is built into the price of 
the transaction based on a market for risk acceptance and 
management. 

Privacy is a right; anonymity is 
a shield for criminals. 

Ittai Hershman pointed out that different levels of anonymity 
exist. When you go down to the comer video store and rent a 
porno video you have virtual anonymity in the implicit 
assumption that the clerk will not reveal your name even if 
he recognizes you. If you purchase your own copy for $20 in 
Times Square, you have real anonymity. Ittai suggested that 
society will not tolerate real anonymity on the Internet. 

Jacob Levy claimed that privacy is a commodity, for sale 
like any other. There was widespread disagreement with this 
position. Andrew Hume argued, “That’s a bald-faced lie. 
You can’t buy privacy today.” There was general dissent to 
this, as well. Greg Rose suggested that if you can buy pri¬ 
vacy, someone else can buy a breach of it. 

Joe Arceneaux argued that even if anonymity IS a shield for 
criminals, it has its uses and good points. Privacy is a policy 
issue; anonymity is a technology issue. Dan Geer pointed 
out that anonymity is not binary, i.e., it’s not the case that 
you either have it or you don’t. Rather, one has privacy 
within a certain domain. For example, it is desirable to dis¬ 
tinguish between one’s private and commercial lives; it is 
not advantageous to offer someone anonymity while on the 


DECEMBER 1995 ;login \ 17 



USENIX NEWS 


job if the company is liable for the worker’s actions. Further¬ 
more, while anonymity is the only shield against data aggre¬ 
gation, the law will inevitably require some breach of it. 

Peter Honeyman offered the view that the central question is 
one of social control. For example, Swiss bank accounts pay 
less interest on anonymous accounts. Privacy seems to have 
less value today than it has had in the past. 

Eric Hughes offered four maxims: anonymous systems are 
hard to audit and adjudicate; anonymity decreases as the 
transaction size increases; “when cash is suspect, only sus¬ 
pects will have cash;” and, liquidity substitutes for identity. 

Dan Geer offered an alternative viewpoint: anonymity is the 
best shield against criminals. Josh Rabinowitz agreed that 
anonymity protects “normal” people. 

Andrew Hume maintained that privacy is all the average per¬ 
son really wants. Anonymity is nothing more than an imple¬ 
mentation issue. 

Eric Hughes gave two examples. Chaum’s DigiCash pro¬ 
vides anonymity to the common man. On the other hand, 
Morgan Stanley has run full-page ads offering anonymity 
(actually, pseudonymity) for large financial transactions. 

Ben Cox suggested that changing a pseudonym often enough 
effects anonymity, but this provoked widespread dissent. 

Eric Hughes pointed out that only the first use of a pseud¬ 
onym is truly anonymous. Peter Honeyman noted with some 
sarcasm that “those who have nothing to fear have nothing to 
hide.” Dan Geer held that electronic commerce promotes 
data aggregation and that anonymity is the only protection. 

Andy Lowry asked whether we should be doing something 
about these issues besides talking about them, such as form¬ 
ing a CommerceNet working group. 

What will move offshore? 

Joe Arceneaux proposed that in the short term, socially dis¬ 
approved industries such as pornography and gambling will 
make the transition to offshore operation. For the long term, 
it’s difficult to guess. The big question is privacy: if going 
offshore increases the level of privacy, it is an enormous 
advantage. However, many activities will remain traceable, 
and it will be harder and less desirable to set up your own 
business offshore. Dan Geer pointed out that today’s net¬ 
works already make things location-independent. The ques¬ 
tion is, what would keep a business onshore? 

One possibility is the protection of the legal system, which 
suggests that you would choose a physical location for its 
legal codes. Electronic services will likely move offshore 
because there is no disadvantage, such as shipping costs. 
Industries that respond to bids, like artwork, copy writing. 


programming, etc., will easily be placed offshore. Also, 
support operations are likely to make the transition because 
of reduced costs; for example, today, many 800 number 
support lines go to places in the Midwest for economic rea¬ 
sons. When you call an airline, or the mail order catalog, the 
person answering the phone is usually not located in the 
corporate headquarters because of cost. These types of 
operations will go wherever it is most cost-effective. 

Peter Honeyman suggested that operations will move off¬ 
shore because it is economical or required to do so. When 
people see that the Lithuanian Web server is generally 
underloaded, there will be a rush to move there. Peter ques¬ 
tioned the efficacy of moving out of a jurisdiction, raising 
the example of the California erotic BBS convicted of vio¬ 
lating Memphis community standards. 

Eric Hughes replied that Internet carriers are enhanced ser¬ 
vices providers, not common carriers, so that different laws 
apply to them. Amplifying Eric’s comment, Hal Varian 
noted that a common carrier is protected from liability for 
the contents of what is carried, while enhanced services pro¬ 
viders are liable for the contents. Arthur Keller pointed out 
that the question of common carrier status can be murky, 
e.g., cable TV providers are liable for the contents of their 
transmissions. 

There was a general feeling that much software develop¬ 
ment will move offshore, enabled by the Internet. Peter 
noted that the University of Michigan Digital Library 
project has its digital scanning done in Barbados. 

Eric suggested that while moving offshore has anonymity 
and regulatory advantages, these are offset in part by a dis¬ 
advantage in restrictions on import/export. 

Who dominat'es electronic commerce 
in the year 2000? 

There was general agreement that the entertainment indus¬ 
try will be a big winner. 

In Dan Geer’s breakout group, the primary question was 
what the infrastructure will look like. Dan restated the ques¬ 
tion by asking whether the dominant players will be new, 
unforeseen businesses enabled by electronic commerce or 
whether they will be revamped, old businesses. Will service 
providers like AOL, CompuServe, and Prodigy still be 
around? Will there be a global provider or regional carriers? 
Another fundamental dichotomy: Which wins more, con¬ 
tent or context, i.e., the stuff or the transport? 

Peter Honeyman suggested a different dichotomy: Spiel¬ 
berg vs. CU-See-Me (extended to CU-See-Me-CU, etc.), 
i.e., the little guy or the big guy? Clearly, VISA, Mastercard, 
AMEX will win; all schemes presented involved the credit 


18 ;login : vol 20 . no 6 



USENIX NEWS 


card companies in one way or another. Peter’s one-word 
summary: turmoil. 

Joe Arceneaux agreed that credit card companies will win, 
as well as other transmogrifications of present financial sys¬ 
tems, enabled by the new commerce paradigm. 

Jacob Levy offered the view that one big winner is the cus¬ 
tomer, who will have a much wider selection of choices than 
ever before. Winners will include the providers of funding, 
hardware, and information. Losers will include banks that do 
not adapt and the poor, who will suffer from lack of access. 
This was met by some disagreement over whether the rich 
and the poor will have such a great degree of disparity in 
access to electronic services. Jacob asked how many poor 
people have bank cards. Someone in the crowd asked how 
many have cars. 

Peter suggested that the decreasing cost of technology has a 
democratizing force. Joe Arceneaux said that when A1 Gore 
spoke to South Americans about the Internet as a force that 
would bring democracy to them, his audience was less than 
enthusiastic, as they seem to hold a dim view of American 
democracy. Richard Field pointed out that third world coun¬ 
tries that have missed out in the last few generations of tech¬ 
nology can leap-frog cheaply and easily into the global 
mainstream. Andrew Hume pointed out that in surprisingly 
affluent places, you still see people who cannot afford even 
modest monthly connect fees. Peter argued that we’re mov¬ 
ing the cost line down. Andrew replied that we’re moving 
the poverty line up. Andrew went on to say that when Bell 
Labs tried to offer free access to public libraries by donating 
machines, the libraries couldn’t afford the cost of continuous 
access. 

Eric Hughes suggested that nobody will dominate, just as no 
one “dominates” today. Obvious winners include the credit 
card systems. Obvious losers will include paper mail-order 
businesses, salespeople and securities traders who lose their 
jobs, and technical people like Web administrators will lose 
quality of life. 

Andrew Hume argued that the mail-order industry is making 
so much money that electronic commerce would need to 
completely swamp the market to hurt them. You won’t hurt 
L.L. Bean for a long time. It was pointed out that L.L. Bean 
is on the net already. 

Ittai Hershman stated that capitalism will be a big winner. 
Richard Field felt that the federal government will definitely 
win. 


Wrap-up 

Daniel E. Geer, Jr. Sc.D., Open Market, Inc. 

After an enthusiastic show of interest in holding another 
workshop in the near future, Dan Geer offered some closing 
remarks and adjourned the workshop. 

Acknowledgment's 

This digest was produced with the assistance of student 
scribes, Sarah E. Granger, Bruce Jacob, Trent Jaeger, and 
Charles Thayer, who diligently recorded the presentations 
and followup discussions; their efforts are warmly appreci¬ 
ated. Scott George lent his quick and careful eye to a draft of 
this digest. The workshop itself was the brainchild of Daniel 
E. Geer, Jr., Sc.D., who accomplished the impossible by tak¬ 
ing it from conception to fruition in six and one half months. 


Musings from LISA IX 

by Rik Farrow 
<rik@spirit.com> 

As the commuter jet settled out of the fog onto the runway at 
Monterey, I found myself asking the question “Why am I 
here?” Having moved to a small town where the biggest con¬ 
centration of UNIX systems is in my home office, I hardly fit 
into the category of “Large Installation System Administra¬ 
tors.” 

Maybe it was just the opportunity to return to the California 
coast. More realistically, it was to hang out with other people 
in my profession, and to ask and answer questions. Even if 
you work in a “large” environment, there’s nothing quite so 
refreshing as finding many familiar faces, or making new 
friends. 

The conference opened with an award given to Evi Nemeth 
for her work in System Administration. For those of you 
who don’t know of Nemeth, she, along with Garth Snyder 
and Scott Seebass, wrote “the book” on large system admin¬ 
istration, drawing on her experience at the University of Col¬ 
orado. Nemeth gave a not unexpected acceptance speech 
(“Thank you”). She is truly deserving of the tribute. 

Next, we got to listen to John Mashey talk about hardware, 
wetware, and software. Now with Silicon Graphics and for¬ 
merly with MIPS, Mashey disturbed some of the audience 
with slides showing just how much faster Silicon Graphics 
computers could be than most other UNIX systems. But that 
wasn’t really what he was talking about (just the marketing 
insult). 

Mashey talked first about advances in hardware. He passed 
around some example hardware to make his points (one bit 


DECEMBER 1995 ;login: 19 



USENIX NEWS 


circuit card, some core memory, early microprocessor, 
recent 64 bit design), as he described the logarithmic 
advance in numbers of transistors per square inch, and corre¬ 
sponding increases in processor performance. 

The not-so-exciting side of the hardware picture concerns 
other components. While memory density has been increas¬ 
ing, memory latency, the amount of time to access random 
memory, has hardly increased at all, leading to the popularity 
of cache based on static RAM. Disk drives can now store 
hundreds of times more data than their older counterparts, 
but are only about four times faster. And you still have 
latency to deal with - you have to wait for the data you want 
to come spinning past the read heads. 

Busses tie these subsystems together. Hardware designers 
can do tricks with interleaving memory, multiple cache lev¬ 
els, wider busses, and increased bandwidth. But there is little 
you can do about latency. Or, as Mashey put it, you can buy 
bandwidth but not latency. 

Next, he described wetware (that’s you and me) in similar 
terms. Frankly, the situation is appalling. Since computers 
were invented, processors are many orders of magnitude 
faster and more compact, and, let’s face it - we humans 
haven’t gotten any faster, and some of us are less compact as 
well. Minimum latency for humans is about one tenth of a 
second, and the maximum bandwidth about ten bytes per 
second. Looked at another way, a 100 megahertz processor 
could execute ten million instructions before we have 
reacted to the first question. And, to make matters worse, 
that one tenth of a second latency is for a teenager trained in 
fast responses by Sega or Nintendo. 

Mashey’s answer to this is software. By creating the right 
software, we can maximize the relative non-responsiveness 
of the wetware element. For example, present pictures 
instead of columns of numbers. Humans are quite good at 
drawing inferences and having insights, so the answer is to 
use the hardware and software to digest and present data 
most useful to the wetware. He provided many examples, 
including a method of viewing files on UNIX systems visu¬ 
ally (with large files very tall, new files red, and old files 
blue). Or, making using software more like driving a car, 
where you don’t have to consciously think about everything 
you are doing. 

At least the wetware is still programming the hardware. 
Remember fifth generation languages, which were going to 
take over the job of programming about five years ago? 

Dan Geer, now with Open Market, gave a good talk about 
the coming of electronic markets. Again, this should be cov¬ 
ered elsewhere in this issue [see page 22], but as usual, I 
liked Geer’s low key humor (commerce on steroids, or the 
Web as another AI flash in the pan). Try 


ftp:llftp,openmarket.com/publLISAI^.ps.[gz] for Geer’s 
slides. 

Mike O’Dell talked about CIDR (Classless InterDomain 
Routing) as a fact of life. O’Dell, of UUNET and IETF, 
warned a rapt audience that Internet addressing has been 
wrong and the problem must be fixed or the Internet will 
stop. Most people are aware of the address depletion issue, 
but that is merely the tip of an iceberg. The underlying issue 
has to do with routing. As routing tables grow, it becomes 
impossible to route packets in the doubling-in-size yearly 
Internet. The problem grows exponentially, and will have to 
be solved. 

Longer addresses, as in IPv6, will be a part of the solution. 
Renumbering of networks will be in many of our futures, 
said O’Dell. His bottom line was plan now, because the life 
you save may be your own. 

Papers 

Lest you think I spent all my time in the halls chatting (I 
didn’t), I did listen in to several of the papers (and many of 
the hottest invited talks will be covered by another writer). I 
hope he mentions the “remote virtual presence,” which con¬ 
sisted of a radio-controlled car, mounted with a video-cam¬ 
era, so you can smooze around the office while tele¬ 
commuting. Or the naked wife story, soon to become an 
urban legend (filed under Reasons-You-Don’t-Want-Video- 
Conferencing-At-Home). [Ed. Note: See following article]. 

I am partial to anything having to do with security and so 
liked the paper about a more secure LPR replacement. 
Rscan, a method for remotely executing security software, 
looked interesting, especially with the addition of the 
Secure Shell to replace rsh. Karen Cassella, a Sun security 
administrator, talked about SunSWAT, but explained that it 
had about the same availability as Alec Moffet’s AutoHack 
(only within Sun). I also found Cassella’s answer to why 
Sun was still shipping insecurely configured systems 
enlightening: when customers demand security, we will 
deliver secure systems. Please don’t fault her - this has been 
Sun’s, and most UNIX vendors’, policy for years. 

I always plan to read the proceedings so I can learn about 
the papers I missed. As I was going through the proceed¬ 
ings, I was pleasantly amazed to find that I needed to spend 
time on almost all of the papers. There are papers about load 
balancing using Perl (ibnamed), password distribution and 
management, file transfer using LPR/LPD, converting Ora¬ 
cle schemas to HTML, papers on management skill and 
measures, measuring Internet performance, and lots more. 
As a USENIX member, you can access the USENIX Web and 
FTP servers using the id and password supplied on your 
membership card (send email to office@usenix.org if you 
have lost your password). If you want hard copy, you can 


20 ; login : vol 20 . no, 6 



USENIX NEWS 


buy the proceedings for $30 as a member (add $11 for over¬ 
seas shipping). 

BOFs 

I missed about half the BOFs I wanted to attend because of 
time conflicts. So it goes. So much good information. One of 
the BOFs I didn’t miss was for the establishment of a Tivoli 
users group. 

Tivoli Systems has had a distributed system management 
product for years now. I had reviewed the product several 
years ago, and was really curious to discover what users, not 
the vendor, were doing with it today. And I have learned that 
many organizations are unwilling to use solutions that are 
not vendor supported. 

There were only 25 people in the room, and at first nobody 
said anything. Then a gentleman from Federal Express asked 
how many people were “heavy users” of Tivoli, and about 
six hands went up. Federal Express uses Courier to distribute 
software and Sentry for event monitoring. Another person, 
from Rockwell, talked about how he had researched five dif¬ 
ferent solutions and settled upon Tivoli because it appeared 
to be the only product which scaled well. The heavy users 
reported that support had been good. 

Another notable BOF occurred Thursday night, before the 
reception at the Monterey Aquarium. First, Ed DeHart of 
CERT spent a half hour talking about current Internet secu¬ 
rity problems. DeHart joked about the yearly LISA sendmail 
advisory, and recommended that people use the latest send¬ 
mail, 8.7. Then someone said they’d found a bug there, and 
to wait for 8.7.1. 

Some things haven’t changed. Password snooping is still 
going on, for example. Also, there’s a nice tool floating 
around to exploit trust using the r commands (the same one 
used to break into Tsutomo Shimomura’s systems on Christ¬ 
mas), and another tool for exploiting NFS weaknesses. 

The Firewalls BOF followed immediately, lead by Brent 
Chapman. A lot of the discussion was around the issue of 
Trusted Information System’s Firewall toolkit. Although this 
issue had been thoroughly hashed out in the BOF at the Secu¬ 
rity Symposium in Salt Lake City, there are quite a number 
of attendees using the toolkit (many more than use commer¬ 
cial firewall products) in this overflowing meeting room. It 
really is a good question: how does a small company support 
a “free” product when it can’t release control of the source? 

Marcus Ranum, the author of much of the toolkit, lashed out 
at C. The toolkit, because it uses the C libraries, is also vul¬ 
nerable to the bug in the syslog () calling subroutine - in 
fact, any software which uses syslog is vulnerable to buffer 
overruns reminiscent of the Internet worm. Chapman men¬ 
tioned that the CSRG (at Berkeley) had threatened in 1988 to 
go through and fix all code doing unbounded string copies, 


but didn’t because the problem occurred too often to fix 
easily. 

There’s a lot more to these security BOFs, and persons inter¬ 
ested in getting a more complete report, with corrections, 
can visit the Web or FTP server at Chapman’s site 
{ftp,greatcircle,com:lpublfirewallsl archive! Firewalls, 
9509,Z) and collect the entire Firewalls archive for Septem¬ 
ber. You’ll get much more than my 20k BOF report, about 
900k compressed, but a lot of it is interesting. 

Chicago 

The next LISA, the tenth, will be in Chicago. I’ve heard 
some grumbling about this, mostly from people on the left 
coast. Having been to Chicago six times in the last year. I’ve 
found it a nice place to visit when it’s warm, and hope to 
finally be there when I can get into the Museum of Science 
and Technology. Chicago is a decent compromise for a con¬ 
ference which has grown too large for Monterey (too bad), 
and which needs to cater more to non-Califomians. 


Report from LISA ^95 

by Win Bent 
< whb@ucs. use. edu > 

Spamming^ Spoofing, and Spying on your 
Personal Global System 

by Norm Schryer 

Norm Schryer is an entertaining person to listen to. He’s got 
stories; he’s got technical know-how; he’s got friends; he’s 
got lots to say. This talk was a wonderful chance for him to 
touch on many aspects of life on line, and he obviously leads 
a full life! 

By actually following through on a “neat idea” (rather than 
just talking about it) and calling around and spending some 
money. Norm and his group at AT&T Bell Labs managed to 
get themselves megabit/second access to their homes. To 
those of us who feel luckyjf we can sustain a 14.4 kilobit 
link, this seems like Nirvana. However, as he touched on one 
aspect after another, it came back to reality: a lot of neat stuff 
and a lot of headaches. 

In the first place, just getting connected involved lots of 
pieces, many of them not in the hands of the Bell Labs folks. 
The connection was through the local cable TV company, 
using special equipment at their office, at Bell Labs, and in 
the homes. Any one of those pieces could and did fail, at 
some point. As Norm pointed out, cable TV amplifiers 
mounted on telephone poles love winter, because it keeps 
them cool. This system was installed in the winter, then sum¬ 
mer came along. In all. Norm described the system by saying 
“It’s a rose: pretty, with thorns.” 


DECEMBER 1995 ;login : 21 



USENIX NEWS 


But once the connection was made, they started “playing” 
with the system. They had video cameras and microphones 
attached to their home systems, and came up with video¬ 
phone and intercom software. As it turns out, these were 
only interesting or desirable for certain areas. The intercom 
was useful for the home environment, but unneeded at the 
office: it was too much of an interruption in the office, but a 
nice way to stay in touch with your co-workers during those 
otherwise quiet evening hours. The videophone was seen as 
a great benefit at work, but caused trouble at home. Norm 
told of one person who was video-conferencing with a friend 
one evening, when his wife came in to say, “C’mon, time for 
bed.” Since she was unaware that the camera was on, she 
had not bothered to put on any clothes! The man at the other 
end said, “How nice to see you - ALL of you!” The camera 
was disconnected the next day. 

This brought up the whole issue of visibility: when you’re 
shooting your bits over the community’s cable TV wire, how 
do you know who’s looking at your packets? Should you 
encrypt your data? I gathered that this system does, but as 
Norm pointed out, that means you’ve got to decrypt each 
and every packet just to see if you should ignore it or not! If 
you’ve got a firewall at work, home systems need to be 
behind it, so that people can get their work done. But does 
that mean a hole in your firewall? 

Norm ended with a wonderful description of another project 
put together by those zany researchers: a radio-controlled car 
with a camera, microphone, and speakers mounted on it. 
Apparently, this was used to terrorize the office populace, 
until they decided to restrict their play (I mean “work;” this 
is work, remember) to off hours. Still, Norm described using 
it to confront an unsuspecting worker one Saturday, “star¬ 
ing” him down, then zipping away, only to have the car 
“peek” around a comer at him. The victim was heard to tell 
someone, “It’s a rabid dog!” 

All in all, this talk was a treat to listen to, and the audience 
loved it. Don’t miss a chance to hear Norm! 

Electronic Commerce: What it Means to You 

by Dan Geer 

Dan Geer has been involved in various forms of electronic 
commerce before the term was coined, and is now involved 
in getting new types of businesses involved. One of his big¬ 
gest challenges is to let business people know what elec¬ 
tronic commerce is, and what it is not. 

“It’s too new to compare it to anything,” Dan declared, but 
people always need a point of comparison. One of the major 
points he made was that up until now, much of commerce 
depended on where you were: how you contacted your cus¬ 
tomers, how you transferred funds, and how you were taxed. 
All of this changes with electronic commerce, because you 
and your customers could be literally anywhere. 

22 ;login : vol. 20 . no. 6 


He referred to electronic commerce as “Commerce on Ste¬ 
roids.” It can be bigger and faster, it will reduce or remove 
the middleman and the paperwork, and it will “kill more 
dinosaurs than distributed computing did.” However, he 
also listed several things which electronic commerce is 
NOT: it’s not entirely new; it’s not entirely divorced from 
today’s life; it’s not a guarantee of riches; and it will not be 
a bloodless revolution. 

Although this was an interesting look at some of the issues 
of The Real World (as opposed to the Virtual World of 
many systems administrators), I found it to be too much of a 
philosophical overview with too few specifics. Still, there is 
no doubt that Dan Geer is on the forefront of bringing this 
new technology into the world of business. 

The Truth about ATM 

by Barry Kercheval 

ATM has a lot going for it. It’s the high-speed networking of 
the future, with faster and faster speeds built into the speci¬ 
fications. It allows connections to be made with guaranteed 
bandwidth, avoiding the problems of contention inherent in 
Ethernet. Plus, ATM will take three inches off your waist¬ 
line. 

Well, maybe not the last part, but as Barry Kercheval 
pointed out, the hype surrounding ATM sometimes sounds 
like the miraculous products offered on late-night televi¬ 
sion. This talk brought up some of the truths and some of 
the fallacies of the miracle of ATM. 

Much of this talk covered the low-level bits of ATM. Not all 
of the low-level bits, though, because ATM is full of them. 
For instance, Barry discussed why SONET (the transmission 
layer of ATM) is synchronous, but ATM is asynchronous; 
SONET uses synchronized clocks, but ATM cells can go 
anywhere within a frame. Personally, that’s more detail than 
I needed - if I wanted that. I’d go to a seminar on the inter¬ 
nals of ATM. 

The “truth” part (in other words, the dirt) of the talk con¬ 
cerned the problems of dealing with various standards from 
various committees, which have various benefits and draw¬ 
backs to them. As an example, Barry explained how ATM’s 
small, fixed-size cells (48 bytes of data) require IP packets 
to be split across several cells. The problem is, the size and 
checksum data are in the last cell, which means that if any 
cells are lost or damaged, you won’t know until you get that 
last cell. What if it’s the last cell that’s damaged? You won’t 
know until the last cell of the nm packet! 

Barry went on to describe the trials and tribulations of set¬ 
ting up an experimental network in the San Francisco Bay 
area. Much of the troubles were startup-related, since they 
were dealing with a first-cut system that was missing sev¬ 
eral valuable features of the ATM standard. However, it did 
allow the companies participating to find out the Truth 
about ATM, which left Barry less than impressed. 



USENIX NEWS 


USENIX Board 
Meeting Summary 

by Ellie Young 
<ellie@usenix.org> 

Below is a summary of the some of the actions taken at the 
regular quarterly meetings of the USENIX Board of Directors 
which occurred on March 17, July 19, and September 22. 

USENIX Annual Technical Conference 

After months of negotiations and deliberations with UniFo- 
rum, it was decided that we would not co-locate the annual 
USENIX technical conference with UniForum’s Spring con¬ 
ference/exhibition (see the April ‘95 issue of this newsletter, 
pages 6-7 for a full explanation). We will, however, continue 
to cooperate and sponsor some tutorials. It was also decided 
that the staff should cancel several of the upcoming hotel 
contracts at expensive venues, and re-locate the annual con¬ 
ference in reasonably-priced, conveniently located proper¬ 
ties/cities. Also, beginning in 1998 the conference would 
move to a June timeframe. 

Future Conferences 

Embedded Systems Workshop. Lori Grob’s proposal to 
serve as program chair and organize a workshop on this 
topic was accepted. 

1997 Technical Conference. The proposal from John Kohl 
to serve as program chair for the 1997 Technical conference 
(to be held in January in Anaheim) was accepted. 

Tcl/Tk Workshop. Young’s recommendation that we co¬ 
sponsor the current workshop (providing our services in pro¬ 
moting, helping the program committee, and producing the 
proceedings), with the agreement that the following year 
USENIX would be sole sponsor/organizer, was accepted. 

UNIX Security Symposium. Greg Rose’s proposal to chair 
the 6th UNIX Security symposium (which would have a 
focus on applications of cryptography) to be held in July, 
1996 was accepted. 

LISA ‘96. The committee’s recommendation that we accept 
the proposal from Helen Harrison and Amy Kreiling to serve 
as co-program chairs was accepted. 

Freely Re-distributable Software Workshop. A draft 
agreement to co-sponsor a workshop on this topic from the 
Free Software Foundation was not accepted because of con¬ 
tractual and content problems. 


Nominating Committee 

Evi Nemeth was appointed to chair the Nominating Commit¬ 
tee for the 1996 biennial elections for the Association’s 
Board of Directors, with the instruction that she and all 
members of her committee not intend to run for the Board in 
this election. 

Member Services 

Rose agreed to work on revising his proposal to offer a PGP 
key signing service to members. Young was asked to look 
into having a member directory service as part of the 
USENIX home page on the WWW. A CD-ROM of past and 
current proceedings would be produced. Young and Evi 
Nemeth were working on getting equipment to provide regu¬ 
lar MBone broadcasts at the LISA and USENIX technical con¬ 
ferences. 

Lobbying 

It was decided to ask our attorney to take an election under 
Section 501 (h) of the IRS Code and that a line item in the 
budget be added to take advantage of the safe harbor provi¬ 
sion provided by the IRS which enables 501 (c) (3) organiza¬ 
tions to engage in lobbying activities. 

Budget 

Young provided an overview of the various factors that had 
affected the 1995 budget. At the beginning of the year our 
conservative budget estimated a net of $99,000; the final fig¬ 
ure will be closer to $500,000. This surplus will be deposited 
in the Association’s Endowment Fund. The Board was 
encouraged to seek and make proposals to fund new services 
and good works initiatives for the membership and commu¬ 
nity at large. 

The assumptions behind the draft 1996 budget were dis¬ 
cussed in depth, in particular the costs for promoting our 
events and providing member services. The following fund¬ 
ing and fee proposals were discussed and approved: 

Conference Fees. It was decided to add additional funds to 
the annual technical conference’s tutorial budget to produce 
a CD-ROM of the tutorial notes for attendees. The tutorial 
fees for conferences and symposia will be increased by $25 
to match those charged at LISA. Student tutorial fees will be 
raised from $50 to $70. All conferences’ technical session 
registration fees will be increased by $10. It was also 
decided that the $10 administrative fee for people renewing 
or joining at conferences will be eliminated. Exhibitor Fees 
for booth space at LISA will be increased to $1,750 and to 
$1,500 for the Technical Conference. 


DECEMBER 1995 ;login : 23 



USENIX NEWS 


Member Dues. No increase in dues will be made in the 
coming year. Young was asked to look into offering a perpet¬ 
ual membership option to make it easier and less costly for 
members to renew. 

Standards. A proposal from Stephe Walli and Nick Stough¬ 
ton to continue funding a USENIX Institutional representa¬ 
tive to IEEE POSIX and the Standards Report Editor for 1996 
was approved. 

Good Works 

A proposal to become sole sponsors of the International 
Computer Problem Solving Competition and of the US 
International Computing Olympiad on Informatics was 
approved. 

A proposal from CitySpace Project, co-sponsored by Silicon 
Graphics Inc., for support of on-site workshops and network 
event (the Nil Testbed) for students at SuperComputing ‘95 
was approved. 

It was decided to increase the funds for the student stipend 
program (wherein USENIX supplies funds for registration, 
travel and accommodations for students to attend our confer¬ 
ences) from $30,000 per year to $150,000 per year. It was 
also agreed to budget $100,000 to institute a scholarship pro¬ 
gram. Young was asked to make a proposal on a model for 
setting up and maintaining these programs. 

(Note: More complete announcements regarding these initia¬ 
tives will appear in future issues of this newsletter.) 

What To Do When You 
Need a Break From 
the 1996 Annual 
Technical Conference 

We hope you *11 join us at the 1996 Technical Conference this 
January in San Diego (see pp. 53 for details). Many people 
consider San Diego and the surrounding area to be the per¬ 
fect vacation spot. With ideal weather, the Pacific Ocean, 
beaches, and lush flora and fauna, it does seem to have all 
the ingredients for a great time, no matter what your interests 
may be. Of course, if winter sports are your pleasure, San 
Diego is not where you will find them. 

A typical day begins with some early morning fog which 
quickly bums off, leaving the rest of the day bright and 
sunny. While there won’t be any snow, winter is rainy sea¬ 
son, so be prepared - bring your umbrella and your sun 
screen. According to the Visitor’s Bureau, the temperature 


will range between 48 and 65 degrees with 63% humidity, 
with an annual average of 72% sunshine and 2.11 inches of 
rain. 

When you need to take a break from the refereed papers, 
invited talks, and other conference activities, here’s a short 
list of things to do: 

Balboa Park is the cultural center of San Diego with muse¬ 
ums, gardens, sports facilities, and theaters in ornate, Span- 
ish-style stucco buildings. Museum topics include art, cars, 
planes, sports, model trains, local history, and science. It is 
just north of downtown. 

Within Balboa Park is the San Diego Zoo, home to 4,000 
rare and endangered birds, mammals, and reptiles and 6,500 
varieties of exotic plants. It is justifiably famous for its natu¬ 
ral settings and tropical gardens. 

The San Diego Wild Animal Park allows you to view 
from a monorail or walkway endangered species roaming 
free in an 2,100 acre preserve. It is about a half hour from 
downtown San Diego. 

San Diego offers an “only in California” activity: you can 
watch the California gray whales’ annual migration to 
their breeding grounds off the coast of Baja California. The 
migration begins in mid-December and continues through 
Febmary or March. The Steven Birch Aquarium Museum 
features a Winter Whale Fest with special exhibits and edu¬ 
cational activities on the migration. The museum is the pub¬ 
lic education center for the Scripps Institution of Oceano¬ 
graphy. It is located in La Jolla, an upscale community 
close to San Diego, famous for its beaches, views, and art 
community. 

If you don’t have the time to go whale watching, Sea World 
presents animal shows throughout the day, including a free- 
flight bird show and a killer whale show in a large but nicely 
laid out park. There’s also a simulated-motion submarine 
ride, The Bermuda Triangle. 

Cabrillo National Monument offers one of the best views 
of the Coronado Islands, North Island Naval Air Station, 
San Diego Bay and San Diego itself. You may see whales, 
submarines, and America’s Cup yachts going by. The Visi¬ 
tors Center offers exhibits on the area history and there’s a 
two mile Bayside TVail hike and a restored 1854 lighthouse 
to visit. A short trail leads to tide pools. 

If you like unusual theme parks. Virtual World offers the 
world’s first digital theme park with adventures for individ¬ 
uals and groups. And if one-of-a-kind museums are your 
hobby, you may want to visit the Lawrence Welk Museum 
tracing Lawrence Welk’s beginnings and the evolution of 
the Lawrence Welk show, the longest running musical pro¬ 
gram in television history. It’s located in nearby Escondido. 


24 ;login ; vol. 20 . no 6 



USENIX NEWS 


If you have more urbane interests, the Gaslamp Quarter is 
a 16-block historic district that was the original downtown 
center of San Diego. It has mostly older buildings housing 
new businesses - restaurants and shops - that cater to many 
tastes. It’s within walking distance of the hotel. 

Coronado looks like an island but isn’t. Besides fabulous 
views, it’s the home of the Del Coronado, the quintessential 
19th century resort hotel, perhaps best known from the 
movie “Some Like It Hot,” which was filmed there. The 
Prince of Wales, the one who married Wallis Simpson, also 
stayed at the Hotel Del Coronado many, many years ago. 

Mexico is twenty miles away. US and Canadian citizens 
require only valid identification to cross the border and you 
can bring back $400 in purchases. Rental car insurance 
requires a special rider to be valid in Mexico. You can travel 
to Tijuana on the San Diego Trolley, a high-speed trolley that 
runs from downtown to the border. It stops across the street 
from the Marriott. 

Student Services 

by Diane S. DeMartini 
<diane@usenix,org> 

The decision to fund travel grants to enable students to 
attend our conferences was originally made at a meeting of 
the Board of Directors in January 1989. The first travel 
grants were issued for students to attend the 1989 Summer 
Technical Conference in Baltimore. 

Since 1989, USENIX has awarded $204,687 to 461 students 
who might otherwise have been unable to attend our events. 
In the past year USENIX awarded 46 travel grants to students 
through this program. Its goal is to foster and shepherd the 
student community which ensures the future vitality of the 
Association. 

The success of this program can be measured by the num¬ 
bers of students who, after receiving a grant, have gone on to 
become part of the USENIX community. Many continue to 
volunteer at our conferences, submit and present papers, 
write articles for ;login:, become University liaisons, and 
serve on program committees. At the regular quarterly meet¬ 
ing of the USENIX Board of Directors, which was held in 
September, the Board voted unanimously to increase the 
funding for this program to five times the current level. 

Beyond the student grant program, USENIX also serves the 
student community through programs such as the sponsor¬ 
ship of Cityspace, a virtual city model built collaboratively 
by kids across the Internet, the US International Olympiad 
on Informatics, and an educational outreach program. The 
Association also offers students discounts on membership 


dues as well as technical and tutorial conference registration 
fees. 

If you would like more information about any of these pro¬ 
grams, please contact office@usenix.org. 


Community News 

Nick Stoughton writes: “At 6:30 pm on Tuesday, August 15, 
Peter Edward Milne Stoughton was safely delivered at a 
healthy 9 lb, 3 oz. Depending on which doctor you ask, he 
was between 7 and 17 days overdue, so we are all mightily 
relieved to see him.” 

A Special Thanks 

by Ellie Young 
< ellie@usenix. org > 

As 1995 comes to an end, it is a time for reflection and 
thanksgiving. USENIX continues to be a successful organiza¬ 
tion, and this would not be possible without the volunteers 
who lend their expertise and support for our conferences, 
publications, and member services. While there are many 
volunteers that serve on program committees, coordinate the 
various activities at the conferences, work in various com¬ 
mittees, and contribute to this newsletter and to Computing 
Systems, I would like to make special mention of the follow¬ 
ing individuals, who have long supported USENIX and made 
significant contributions gratuitously in 1995: 

The program chairs for our 1995 conferences: 

• Peter Honeyman, 1995 USENIX Technical Conference 

• Jim Rees, Second USENIX Symposium on Mobile & 
Location-Independent Computing 

• Fred Avolio & Steve Bellovin, UNIX Security Sympo¬ 
sium 

• Vince Russo, Technical Program Chair, and Doug Lea, 
Tutorial Program Chair, First Conference on Object-Ori¬ 
ented Technologies 

• Dan Geer, First USENIX Workshop on Electronic Com¬ 
merce 

• Tina Darmohray and Paul Evans, LISA IX Systems 
Administration Conference 

The conferences’ invited talks coordinators: 

• Brent Welch and Ed Gould for the USENIX 1995 Techni¬ 
cal Conference 


DECEMBER 1995 ; login : 25 



USENIX NEWS 


• Laura de Leon and Peg Schafer for the LISA IX Confer¬ 
ence. 

Bryan McDonald, who devoted many hours to serving as the 
SAGE editor for this newsletter for the past 3 years. 

Evi Nemeth, Mary Baker, Trent Hein, Dennis Ritchie, and 
Brent Welch who served as the nominating committee for 
the Association’s 1996 Board of Directors election. 

Pat Wilson, Paul Moriarty, and Elizabeth Zwicky, outgoing 
SAGE Board members who served since 1993. 

The authors and reviewers of most of the articles that appear 
in this newsletter, of which, thankfully, there are too many to 
list here. 

And last but not least, the members of the USENIX and 
SAGE Boards of Directors who spend many hours in provid¬ 
ing leadership and governance. And lest we forget, our 
thanks to their employers, spouses, “SO’s”, and families for 
allowing them to do so. 

USENIX is grateful. 

Watch for... 

The USENIX member survey on publications will be com¬ 
ing your way via email within the next month. Take this 
opportunity to tell us what you think! 


1993 Papers Available on 
Web Online Library 

Full papers from the 1993 Proceedings are now available to 
USENIX members on our Web Online Library <http:lf 
www.usenix.com>. You will be able to access papers from 
the 1993 Technical Conferences in San Diego and Cincin¬ 
nati, the LISA Conference, and from workshops and sympo¬ 
sia on UNIX Security, Mach, Mobile and Location- 
Independent Computing, Microkernels, and Distributed and 
Multiprocessor Systems (SEDMS). The Library now con¬ 
tains papers from 1993-1995. 

As each future proceedings is published, we will link the 
abstracts and full papers (ASCII and PostScript). If you have 
not received your password/membership card via postal 
mail, please contact <office@usenix.org>. 

Seeking Reporters for 
San Diego Conference 

If you are attending the 1996 USENIX Technical Conference 
in San Diego in January and would like to contribute to 
;login: by writing summaries of invited talks and technical 
sessions, please send email to <login@usenix.org>. 


Statement of Ownership 
Management and Circulation, 10/1/95 


Title; ;login;. Pub. No. 008334. Frequency: Bimonthly. Six issues published annually. Subscription price: $50 individuals 
and institutions. Office of publication: USENIX Association, 2560 Ninth Street, Suite 215, Berkeley, Alameda County, CA, 
94710. Headquarters of Publisher: Same. Publisher: USENIX Association, 2560 Ninth Street, Suite 215, Berkeley, CA 
94710. Editor: Rob Kolstad; Managing Editor: Carolyn S. Carr, both located at office of publication. Owner: USENIX Asso¬ 
ciation. The purpose, function, and nonprofit status of this organization and the exempt status for Federal income tax pur¬ 
poses has not changed during the preceding 12 months. 


Extent and nature of 
circulation 

A. Total no. of copies 

B. Paid Circulation, Mail Subs. 

C. Total paid circulation 

D. Free distribution 

E. Total distribution 

F. Copies not distributed 

G. Total 


Average no. of copies each 
issue in preceding 12 months 

7432 

6642 

6642 

485 

7127 

305 

7432 


Actual no. of copies of single 
issue published nearest to filing 

6915 

6820 

6820 

40 

6860 

55 

6915 


I certify that the statements made by me above are correct and complete. 
Ellie Young, Executive Director 


26 ;login : vol. 20 . no 6 





THE SYSTEM ADMINISTRATORS GUILD 

NEWS 


From the Editor 

by Tina Darmohray 
<tmd@iwi.com> 

We’re wrapping up another publishing year in \login:, and we are making plans 
for next year. One thing I’d like to try for the SAGE section is to add a regular col¬ 
umn on interesting sites, or particular configurations or solutions. I am not look¬ 
ing for a single person to write such a column, but hope instead to tempt various 
“columnists” to submit pieces, in order for the column to reflect different per¬ 
spectives and implementations. 

I believe there is a lot of good information, and solutions to common problems, 
lurking out there in the trenches. These are things that may not be cutting-edge, 
ripe for a submission to a refereed paper track, but that are nevertheless important 
and useful: information that documents our profession and how things are done 
on a daily basis. Over time, a column such as this could serve as a reference for us 
to measure our progress against. 

If you see yourself in the above description, I would like to hear from you. 

If things go as planned, you will all be receiving this issue a week or so into 
December. This is the time of year when seasoned sysadmins know they can 
depend on there being a few less users around than usual. With that and some 
luck, maybe you’ll see some wood grain peeking through the mass of papers cov¬ 
ering the top of your desk. I hope you get a chance to prune your mail queue, read 
the previous six months’ worth of journals, and file/toss the other stuff lying 
around. And I hope you make yourself take some time to enjoy the season with 
your family and friends too! Warm wishes as we look forward to 1996. 


Summary of SAGE Board 
Activities, 1995 

by Hal Miller, SAGE Secretary 
< halm@informix. com > 

This is a summary listing of some of the activities the SAGE Board of Directors 
has been involved in this past year. Credit where credit is due: much of the work 
has been performed by the USENIX staff or by other members at the Board’s 
request. Our thanks to them! 

Sage-vendors working group: As we were unable to generate any participation, 
this group was disbanded. It may be re-chartered some time in the future, if it 
appears appropriate and interest is generated. 


SAGE, the System Administrators Guild, 
is dedicated to the advancement and recogni¬ 
tion of system administration as a profes¬ 
sion. In three years, SAGE’s membership 
has increased steadily, and there is growing 
recognition of SAGE as a representative in 
system administration issues. SAGE brings 
together system and network administrators 
for: 

• professional and technical development, 

• sharing of problems and solutions, 

• communicating with users, manage¬ 
ment, and vendors on system adminis¬ 
tration topics. 

SAGE News Editor 

• Tina Darmohray 
<tmd@usenix.org> 

SAGE Board of Directors 

• Elizabeth D. Zwicky, President 
<Zwicky@usenix.org> 

• Hal Mi^er, Secretary 
<halm@us€nixjirg > 

• Pat WjJsnn, Treasurer 

• Kim Trudel 
<kim@usenix.org> 

• Paul Evans 
<ple@usenix,org> 

• B;yan McDonald 
<bigtmiL'@uj:enix. org> 

• Paul Moriarty 
<pmm @usen ix. org > 

SAGE Working Groups 


Group 

sage-certijy 

sage-edu 

sage-ethics 

sage-jobs 

sage-locals 

sage-online 

sage-policies 


Chair 
P aul Evans 
Ron Hall 
Hal Miller 
Tina Darmohray 
Rene Gobeyn 
Mark Verber 
Lee Damon 


You CAN CONTACT THESE GROUPS VIA 
EMAIL AT 

<their-nanie@usenix.org> for ex ample ^ 
<sage-certify@usenix.org>. 

SAGE Discussion Groups 

sage-security 

sage-managers 

sage-outreach 

sage-pt 

sage-solo 

SAGE Bofs 

Sage Board 
sage-bof-women 

SAGE Online Services 

Email server: 
niaJordomo@usenix.org 

FTP server: 
ftp.sage.iisenix.org 


Member services page: A new page off the SAGE Web service has been insti¬ 
tuted where members may list their service offerings. 


WWW URL: 

http:llwww.sage.usenix.org 

SAGE Supporting Member 

Enterprise Systems Management Corp. 
Great Circle Associates 


DECEMBER 1995 ;login 27 


SAGE NEWS 


Publications: The Board approved a proposal from Rob 
Kolstad for a pamphlet on policies, which will be sent to 
members by the end of year. A request for proposals for a 
pamphlet on Systems Security: a Management Perspective 
was distributed this Fall. 

SANS: SAGE continues to co-sponsor this event, helping to 
promote the conference, having members serve on the orga¬ 
nizing committee, supplying speakers, and staffing a booth 
to supply attendees with information about SAGE. 

Archive CD: The Board is investigating production of a CD- 
ROM that will compile various kinds of information (along 
the lines of Sun-managers, HP-managers and similar mailing 
lists) to put the collected wisdom at our fingertips. 

Salary Surveys: After much discussion on how to improve 
the breadth of coverage and the meaningfulness of results, 
the Board authorized another survey be conducted at various 
events, which will add to our small list of data points. The 
results will be sent to SAGE members. 

LISA9 Conference: Another smashing success! We pre¬ 
sented the 1995 Outstanding Achievement Award to Evi 
Nemeth. SAGE also funded some travel for Nick Stoughton, 
the USENIX Standards report editor, to host a Standards BOF, 
as a way to see how much interest our members have in this 
area. 

Calendar: The 1996 SAGE calendar will be mailed to SAGE 
members in December. 

Promotion to Members: In August, we sent out copies of 
O’Reilly & Associates’ new book What you need to know 
when you can't find your Sys Admin to all SAGE members (at 
no cost to SAGE). 

Exon-Gorton Amendment: In October, a letter from the 
SAGE board was mailed with this newsletter urging members 
to look into the impact this legislation may have on system 
administrators. While this activity was not deemed to be lob¬ 
bying, both the USENIX and SAGE boards have requested 
our attorney to draft a mema concerning the definition of 
lobbying, and that we might look into setting up ourselves to 
possibly engage in lobbying activities in the future. 

Board of Directors Travel: The Board voted to reimburse 
Board members for reasonable travel expenses to two meet¬ 
ings per year, beginning with the January 1996 meeting. 


Security Potpourri 

by Shawn Instenes 
<shawni@celene.rain.com> 

SSH (mentioned in my last column in the October ;login:) 
has undergone considerable change over the last two months; 
if you looked at it before, you might want to do so again (see 
URL list below). 

Cryptography is always near the top of my list of interests 
(for whatever demented reason), and the breakup of Public 
Key Partners has left the public-key cryptosystem patents 
scattered among different players. RSADSI holds the RSA 
patent (US Patent #4,405,829), while Cylink holds the Stan¬ 
ford patents (Diffie-Hellman, #4,200,770; Hellman-Merkle, 
#4,218,582; and Pohlig-Hellman, #4,424,414). If you’re 
using this technology in any of your software, you will want 
to look at both companies’ Web pages, and the text of the 
arbitration. From reading the Web pages you’d think both 
companies “won” the arbitration. I’m not a lawyer; read it for 
yourself. 

Cheswick and Bellovin cover a wide range of firewall back¬ 
ground material with Firewalls and Internet Security, but 
stop short of offering advice on how to build one yourself. 
Now you can get that advice with Chapman and Zwicky’s 
Building Internet Firewalls, which includes a nuts-and-bolts 
level of detail about bastion hosts, packet filters, boundary 
network configurations, and discussions of protocols and 
security policies. This book belongs on the shelf of anyone 
who builds network firewalls (see below). 

My new favorite potential security problem for the Web is: 
not Java, but the HTTP file upload capability in Netscape 2.0! 
I haven’t seen this in action yet (2.0 clients aren’t available as 
I write this), but I hope Netscape thinks through the imple¬ 
mentation of this, and puts up big warning dialog boxes ask¬ 
ing, “Really upload letcipasswd to evil.hackers.orgT' Watch 
for this one. 

URLs to visit: 

SSH: http:Hwww.es.hut.filsshi 
RSADSI: http:flwww.rsa.com 
Cylink: http:flwww.cylink.com 

Netscape’s HTML 3 Extensions: 

http:!fwww.netscape.comlassist!net sites! 

htmljexentions 3.html 

Interesting books: 

Building Internet Firewalls, O’Reilly & Associates, 

ISBN 1-56592-124-0 

Firewalls and Internet Security, Addison-Wesley, 

ISBN 0-201-63357-4 


28 ;login : vol 20 . no 6 



SAGE NEWS 


Future Directions: 

A Report from the 
LISA ‘95 Advanced 
Topics Workshop 

by John E. Schimmel 
<jes@sgi.com> 

The USENIX Systems Administration Conference (LISA 95) 
held a day-long workshop with a group of senior people in 
the systems administration field. The workshop format was 
open discussion of current and future topics in the systems 
administration arena. Attendees submitted possible topics 
and three were selected to discuss. Since a number of the 
topics are likely to affect most sites in the near future Fll 
enumerate some of these issues so that we can all start pre¬ 
paring now. After all, the more minds working on an issue 
the better! 

In the morning, the group talked about security in the stan¬ 
dard UNIX shop. The feeling of the majority was that the 
firewall situation was well under control. There are a number 
of companies that are rolling out firewall products; there is a 
de-facto set of standards, and the problem space is well 
understood. The one great weakness of the firewall security 
answer has always been that, for it to be effective, there 
needs to exist a place where the network can be cleanly par¬ 
titioned; without this the firewall is greatly compromised. At 
this workshop there was a lot of discussion about session 
security. 

Session-based security as a concept is nothing new. In fact 
there are a number of very well-developed models that exist 
today. The best known of these are Kerberos from project 
Athena at MIT, the DCE family of products from the OSF, and 
the newer emerging secure socket layer standards. The big 
problem is that none of these have become popular enough 
to really define a de-facto standard. Most of the conversation 
came down to the point that the vendors had to stand behind 
a method, and perhaps we, as administrators, could help that 
come about. 

The closest thing to a standard so far has been DCE, but a 
multi-million line chunk of code is a frightening concept to 
many of the vendors and will never exist on free-ware sys¬ 
tems like Linux. 

The afternoon session revolved around upcoming issues in 
networking. There were two areas of discussion here that I 
found interesting. The first was the area of bridging versus 
routing which has returned in a new guise. The new image 
comes with the face of ATM and switched Ethernet. The 
bandwidth-hungry among us are again being lured into the 


hope of dedicated connections to the back of our machines 
with a high speed switching fabric inside of hubs. Typically 
the complexity of maintaining the hubs, the cost of the large 
memory pools needed to reassemble fragmented packets or 
FIFOs to await slow draining, or the added difficulty in locat¬ 
ing problems in a switched environment scare us away. 

My own personal opinion on the matter of bridging versus 
routing is that there is always a bigger pipe that you can stick 
into the back of your system that will still look and smell like 
the well-understood Ethernet without adding layers of obscu¬ 
rity. But, the general consensus of those attending was that 
“Everything has its place; everything in its place.” If you are 
designing a network today, and you want to know the right 
answer, then you need to know the right questions to ask. For 
the most part the vendors will not be answering the questions 
that you might imagine. In our profession, the right answer is 
almost always “the easier the better.” Choose the simplest 
solution that will work for your environment. 

The second area of promising discussion was in the area of 
mobile computing. More and more the laptop, or its equiva¬ 
lent, is becoming the modem terminal. Large herds of corpo¬ 
rate elite wander around the site, terminal in hand, wanting to 
reach central services like mail, printing, news, etc. from any 
arbitrary location within the infrastmcture. There are emerg¬ 
ing standards like DHCP, which will gladly hand you a new 
name and address as you connect in different locations, the 
DNS update protocol, which should allow you to carry your 
same name around while your address changes underneath, 
and service location, which will allow you to dynamically 
locate services around you. All of these are, however, in their 
infancy. 

The issues in designing present-day network standards that 
will support a mobile environment in the coming years are 
not at all clear. It is certain that the traffic model will change 
dramatically. Being able to easily replicate and locate ser¬ 
vices will be important and the ability to reach any network 
anywhere within an enterprise may be a requirement. 

Clearly, it is time to start thinking on these matters. 

The final workshop session dealt with the area of heteroge¬ 
neous integration in an environment. It is becoming increas¬ 
ingly evident that the terminal of the nineties is a PC or a 
Macintosh. But, more than ever it is the UNIX boxes running 
the large central services. Certainly the Internet services 
arena is dominated by UNIX based machines. PCs are mov¬ 
ing into the traditional UNIX shops in the guise of laptops 
and desktop machines, and UNIX boxes are moving into the 
traditionally PC and mainframe houses as the architecture of 
choice for large database servers, Internet gateways and fire¬ 
walls, and core service providers. 

The general consensus among the workshop attendees is that 
the above layout is likely to dominate most locations in the 
near future. The right administration model there leaves the 


DECEMBER 1995 ;login : 29 



SAGE NEWS 


core services on the central UNIX machines, and uses various 
software solutions to treat the PCs as semi-intelligent termi¬ 
nals. 

Such were the core areas of concern that arose in this year’s 
Advanced Topics Workshop. Now, we ask that smart minds 
bend toward these problems, and that good responses be pre¬ 
pared for next year’s systems administration conference. If 
you are working on one of the above problems, or some other 
area of concern, please consider presenting your work to 
other professionals in this forum. 

Also, if you plan to attend the LISA X conference next year in 
Chicago, and you think that you have interesting insights to 
add to the Advanced Topics Workshop, please come and add 
your voice. Watch ;login:, the USENIX Web page, the SAGE 
mailing list, or the USENIX newsgroup for more information 
regarding the next conference and workshop. It is never too 
early to write up a short abstract in your area of expertise. 

Perl Practicum: 

DB or Not DB? 

Hal Pomeranz 
<hal@netmarketxom> 

While Perl5 is largely backwards compatible with Perl4, cer¬ 
tain Perl4 functions have been deprecated in favor of more 
generic Perl5 functionality. A prime example of this is the 
binding of associative arrays to DBM or NDBM databases. 
The new Perl5 OO syntax provides a clean mechanism for 
binding Perl data objects to a variety of UNIX database for¬ 
mats. 

The Brave New World 

In the Perl4 world, you would normally: 

# deprecated Perl4 syntax 

dbmopen(%hash, "/home/hal/mydata"/0644) || 

die "Can't open database;\n"; 

This would associate %hash with the contents of the named 
NDBM (or DBM on older UNIXes) database. If your system 
did not have support from either database format, then this 
call generated a fatal error - not exactly “graceful degrada¬ 
tion.” 

The Perl5 library now includes (again, assuming your system 
supports these formats). pm files for NDBM and SDBM data¬ 
bases. It is easy enough to add support for Berkeley DB and 
GNU GDBM file formats (documentation is included in the 
Peris source tree), though you will have to end up remaking 
Perl. 


Here is a simple PerlS function for interfacing with an 
NDBM file: 

use NDBM_File; 

$DBM_INSERT =0; # system dependent & 
$DBM_REPLACE =1;# not in NDBM_File.pm 

sub open_db { 
my($filename) = 

tie(%HASH, NDBM_File, $filename, 

$DBM_REPLACE, 0644); 

) 

The first line loads the NDBM library NDBM_File. pm (note 
that the file name is not quoted and does not include the. pm 
extension.) The two constants defined next should really 
appear in NDBM_File. pm; as a workaround, we define them 
near the top of our program for ease of maintenance. 

The interesting piece, however, is this new tie () function 
in the open_db( ) subroutine. In PerlS, tie( ) is a generic 
function for associating a data object with a package of 
methods for operating on that object. If that last sentence is 
in no way meaningful to you, just take it on faith that this is 
the way we deal with NDBM style files nowadays. 

In a database context, the first argument to tie () is the 
associative array we are going to link to the database. The 
next argument should be the name of the package which 
contains the functions for operating on the database - 
invariably this is the same name that we put in the use 
statement. The rest of the arguments are whatever is 
expected to be handed to the C function call which opens 
your database (check the manual page if you are not sure 
what the appropriate arguments are). 

In the case of NDBM files, the arguments are a filename, a 
special flag value ($dbm_insert means you can insert new 
records but not overwrite existing records, 

$dbm_replace means you can do both), and a mode value 
for when the database files need to be created. When an 
NDBM database is created, two files are actually generated: 
one called filename. dir and one called 
filename.pag. 

The corresponding close_db( ) function is trivial: 

sub close_db { 
untie(%HASH); 

) 

untie () simply breaks the link between the associative 
array and the database file. As a side effect, the file is closed 
after any changes have been flushed out to disk. 

Manipulating Data 

It is almost never a good idea to use keys () or values () 
on arrays associated with NDBM files. If the file is large. 


30 ;login : vol. 20 • no 6 



SAGE NEWS 


you will get back a huge list and wait a long time. If you need 
to iterate over an entire database, use each (): 

open_db( "/hoine/hal/mydata'') ; 
while ((key/ value) = each(%HASH)) { 

# do work here 

) 

close_db(); 

Note that you must never add elements to the database while 
you are in the middle of looping with each ( ). If you do, you 
may end up looping forever or generating a fatal error. 

One of the (many) problems with NDBM style databases is 
that you can only associate a single data item with each key. 
Suppose, however, that we wanted to associate many pieces of 
information with a particular key. For example, suppose my 
database contained information about hosts at my site: for 
each host I would want to include its IP address, room loca¬ 
tion, owner, type of machine, and OS. One simple method 
would be to place a delimiter between each of these fields and 
use join () and split () to insert and extract information 
(pack () and unpack () work well if your data is of fixed 
size): 

# insert 

$HASH["myserver"} = 

join(";:''/ $addr, $rm/ $whO/ $type/ $os); 

# extract 

@info = split(/;:/, $HASH["myserver"}); 

If you want to be really tricky, you can marshal your data into 
a self-extracting format that you can eval () when you want 
to extract it. Here is a simple case: 

# original information 
%record = ("host" => "myserver", 

"address" => "172.16.15.1", 

"room" => "130", 

"owner" => "Bob Smith", 

"type" => "Sparc 10", 

"os" => "Solaris 2.4"); 

# marshal and insert 
$data = "\%record=("; 
foreach $key (keys(%record)) { 

$data .= "'$key'=>'$record[$key}',"; 

} 

$data .= ");"; 

$HASH[$record["host"]} = $data; 

# extract and print 

eval("$HASH['myserver')"); 
foreach $key (keys(%record)) { 
print "$key\t$record($key)\n"; 

) 

Note that marshalling arbitrary data, e.g., hashes with non- 
scalar data values, generally requires a library of recursive 
functions. 


Locking 

File locking is an issue for any serious database application. 
Here are basic file locking and unlocking routines that you 
can use: 

use Fcntl; 

sub lock_file [ 

my($file, $type) = @_; 
my($flag, $struct); 

open($file, "» $file") || return(undef); 
$flag = ($type eq "r") ? F_RDLCK : F__WRLCK; 
$struct = pack("ssx32", $flag, 0); 
return(fcntl($file, F_SETLKW, 

$struct)); 

} 

sub unlock_file { 
my($file) = 
my($struct, $status); 

$struct = pack("ssx32", F_UNLCK, 0); 

$status = fcntl($file,F_SETLKW, 

$struct); 
close($file); 
return($status); 

1 

The careful reader will note a dirty trick happening with indi¬ 
rect file handles (for more information on indirect file handles 
consult the Perl documentation or my previous column 
“Know All the Angles”). The functions themselves are 
straightforward: lock_f ile () expects a filename and a 
string which indicates the type of lock (r for a read lock and 
anything else for a write lock), while unlock_f ile( ) just 
takes a file name. We use fcntl () style locking since this 
type of locking works across networked file systems. 

I recommend using a file other than the database files them¬ 
selves for locking purposes. This way you avoid problems 
when first instantiating the database and when other pro¬ 
cesses pull the database out from under you while you are 
blocking for a lock. Note also that NDBM style databases 
have no concept row or table locking: you end up having to 
lock the entire NDBM file. This is another area in which these 
databases are inferior to modem relational database systems. 

The Right Tool For the Job 

For “quick and dirty” applications or for small prototypes, 
NDBM style databases may be the way to go. Certainly, Perl 
makes it natural to interface with these databases. Relational 
database technology will almost certainly be required for 
mission critical applications, but the huge connection over¬ 
head makes relational databases unsuitable for short-lived 
applications (CGI scripts are a good example of this class of 


DECEMBER 1995 ;login : 31 



SAGE NEWS 


application). You must analyze the requirements for your 
application, but you should try the new Perl5 syntax. It is now 
extremely easy to work with these database objects. 

Aspects of 
Professionalism 

by Paul Evans 
<ple@synopsys.com> 

I’ve been a system administrator for ten years this summer, so 
I’ve been looking back over my career, and how I got to where 
I am. I’m the kind of person who’s very aware of what I was 
doing today, this week, a year ago, four years ago, or ten years 
ago. So, this year I’ve been reflecting upon what I was doing in 
1985 when I was learning my trade and enjoying it immensely. 
Even though I got what I wanted, in that I wanted to be a UNIX 
system administrator, what I actually do today bears very little 
resemblance to what I expected to be doing at this point in my 
career. 

I spent the early years of my career in San Diego, and, like 
almost every UNIX system administrator there, my role model 
was Keith Muller. Keith was working in the Academic Com¬ 
puting Center at UC San Diego, where he was finishing his 
Ph.D. He was program co-chair for the Winter 1989 USENIX 
Conference, and received one of the lesser “keeper of the 
flame’’ awards when CSRG was given the big one. He gave 
classes for UC Extension on UNIX internals and writing device 
drivers that I eagerly attended. I met him because he had a con¬ 
sulting contract to help get our company set up as a UNIX site, 
and because he was quite good at system administration (as 
opposed to just being a developer). 

My professional goal was to be like Keith. I can best describe 
his work at UCSD as spanning OS development and system 
administration. He was an early alpha tester for BSD releases, 
wrote pax, and support for some Unisys machines in the days 
when CSRG was doing development on the Tahoe processor. I 
think it’s easy to see why this kind of career self-image is 
appealing - it leads directly to a model of the system adminis¬ 
trator as philosopher-king. (“Who shall rule? The one who 
knows.” - Plato, loosely paraphrased.) This is the kind of 
career I aspired to, and it assumes two fundamental premises: 

1. One has access to operating system source code and 
1. One is plugged into a community that shares modifications 
and additions to the evolving body of operating system 
source code. 

I assumed that this was what defined the UNIX community, and 
didn’t seriously consider the possibility that this would cease 
to be the case in a remarkably short period of time. Thus, 
recently and for the first time in my career, I was amazed and 
depressed to find recently that I work for an employer who has 
neither BSD, nor AT&T, nor vendor source code licenses. It’s 


hard to imagine yourself as a philosopher-king without the 
access to source code that would help make the image more 
realistic. Even if you have access to source code, though, if 
you don’t have voting rights in its evolution (as is the case 
with vendor source code), it amounts to the same thing. I 
suspect most system administrators not working for an aca¬ 
demic site have been in this situation for some time. 

I think, however, that there is reason for optimism. A num¬ 
ber of the younger system administrators joining our group 
in the last year have asked for and been given PCs running 
Linux as their workstations. This struck me as a novelty at 
first, but now I think that I can understand the appeal of par¬ 
ticipating in a community that shares its operating system 
source code and contributes to its evolution. It’s the reason I 
got into this business in the first place. 

Avoiding Open-Ended 
Questions 

by John Ferguson 
<ferg@Synopsys.COM> 

One of the worst things a systems administrator can do is 
ask the user community open-ended questions like, “What 
do you want me to do?” Almost invariably this leads to situ¬ 
ations where the users are unhappy, the system administra¬ 
tion staff is over-committed (or committed to taking action 
which is wasteful of company resources) and the real prob¬ 
lems never get solved. 

People who are not professional system administrators, 
regardless of their technical expertise, simply do not know 
how to effectively solve system administrations problems. 
By the same token, I know how to uproot a tree with a Cat¬ 
erpillar D5, but, since it’s not what I do every day, I proba¬ 
bly should not try to clear an orchard or advise professionals 
how to do it. 

Despite the obviousness of the preceding statement, I am 
constantly assaulted by requests, such as: “Please create 
these filesystems and create the new account, foo, to own 
them ... oh, and make them world-writable.” Another typi¬ 
cal request is, “Purchase a Sparc20 with 8GB of disk for 
installation testing.” The problem with these requests is that 
they do not address the problem that needs solving. In the 
first case, a group of people need access to some piece of 
disk for project work. The request that it be world-writable 
is due to the users’ misunderstanding of file permissions. In 
the second case, the disk space is completely out of line 
with what our typical customer uses and with what our man¬ 
uals suggest as the minimal (or even reasonable) configura¬ 
tion. What the requester wants is a machine that will make 
his job easier, not one that will test our software installation 
process. 


32 ;login : vol. 20 • no. 6 



SAGE NEWS 


One of my managers used to meet regularly with several other 
managers to discuss the needs of our users and the services the 
sysadmin group provided. Unfortunately, the other managers 
were not as technically astute as they thought and my manager 
kept asking, “What do you want us to do?” The result was that 
he basically gave away the store, promising unrealistic solu¬ 
tions based on his own lack of technical expertise. When he 
went back to the sysadmin staff with the “agenda” given to 
him by the other managers, he was met with resentment and 
ridicule. The staff ended up wasting huge amounts of time try¬ 
ing to outmaneuver the managers while still appearing to do 
their bidding. Of course, they all the while kept pursuing real 
solutions. 

In the case of the sysadmin manager, it would have been better 
to either have offered to take the other managers’ comments 
back to his staff and see what solutions they could offer or 
simply stay quiet. The negative effect of the open-ended ques¬ 
tion could have been avoided, either way. 

In the case of the sysadmin, the question to ask whenever a 
request is made is, “What is the problem we are trying to solve 
here?” Ask a few probing questions to put together a scenario 
of how resources might be used. Ask who is going to be 
accountable, who is going to access the resources and how 
often? Who else might be affected by the resource allocation? 
Then, when all the variables are accounted for, suggest one or 
more viable solutions that both meet the users’ needs and fit in 
with site management policies and practices. 

I recently had a user open a call: “Please give me root access 
to my desktop machine or make /etc/aliases writable by me.” 
The first part was not allowed per our site policy and the sec¬ 
ond made no sense at all. I stopped by his office and asked 
what he was trying to accomplish. It turned out he had a mail¬ 
ing list that had grown so large that an entry in his .aliases was 
inadequate. I first explained that we currently use NIS for 
aliases and, that if we decide to change that, we will rdist 
aliases, in which case his edits would be lost. Instead, I sug¬ 
gested a Majordomo mailing list he could own and manage. I 
explained how it worked and all the advantages it offered. 

The user was still uneasy. I probed a bit more and discovered 
the mailing list was unrelated to work and he was afraid some¬ 
body would object to the misuse of company resources. After 
assuring him that, “Nobody gives a damn about that!,” we cre¬ 
ated the mailing list and closed the call. By probing enough to 
find out what the real problem was, it was possible to provide 
the solution that far exceeded the user’s expectations. 

Whenever you get a request for some action from a user it is 
wise to avoid taking the open-ended “what will make you 
happy” approach in favor of the “what is the problem that 
needs a solution” approach. Whenever you get what seems 
like a totally absurd request and feel like throwing up your 
hands in frustration, remember that the request is coming from 
someone who is not a professional system administrator. The 


person is not trying to make your life miserable or undermine 
the corporation, but merely stating a problem in terms of an 
incorrect solution. You can provide the correct solution by 
finding out what the real problem is. You can only do that 
when you avoid the trap of asking open-ended questions. 

SysAdmin at the Movies: 
Braveheart 

by Nick Cuccia 

<cuccia@motherhouse.Talamasca.COM> 

Braveheart, starring and directed by Mel Gibson, is a touch¬ 
ing and heartwarming story about a renegade IS manager at a 
large multinational organization. Bill, a user suffering from 
the trauma of having his parent and peer processes terminated 
(with extreme prejudice), is taken under the wing of Argyll, 
who teaches him the fine points of system administration. 

Once his apprenticeship has completed, he returns home, 
and after some preliminary tests of his skills, is generally 
welcomed by both his customers and fellow systems adminis¬ 
trators. Soon, however, one of his best customers is merci¬ 
lessly sacked, forcing Bill to challenge the corporate 
hierarchy. Bill finds that he’s wildly successful, ultimately 
winning the admiration of his division’s users and his fellow 
administrators, and the grudging respect of the senior man¬ 
agement of his division, even succeeding at gaining the sup¬ 
port of IS groups in other divisions. 

When senior management fails to address the grievances he 
and his colleagues have raised, he and his colleagues take 
their issues directly to corporate, with some success. How¬ 
ever, his activities distract the CEO from his merger and acqui¬ 
sition efforts and cause him to worry about the post-retirement 
chain-of-command. The CEO, troubled by the chaotic state of 
affairs, ultimately has Bill escorted to his office, finally termi¬ 
nating him. Unfortunately for the CEO, his actions come too 
late; Bill has sown the seeds of reform amongst his supporters 
at corporate, and his divisional senior management finally 
realizes that their fortunes are best sought by splintering off of 
corporate and striking out on their own. 

Mel Gibson is brilliant as Bill, and the images he directs show 
the corporate infighting in all of its gory, beautiful detail. 

Nick-Bob gives Braveheart four root-prompts. 


DECEMBER 1995 tlogitl : 33 



FEATURE 


In future issues we will continue 
to feature interviews with and 
profiles of notables in the field 
of advanced computing sys¬ 
tems. 


Interview with John Ousterhout 

by Rob Kolstad 
<kolstad@BSDLCOM> 

[Editor's Note: John Ousterhout <John.Ousterhout@Eng.Sun.COM> is the 
author of both Tcl and Tk and a Distinguished Engineer at Sun Microsystems, 
Inc. He is an ACM Fellow and has received numerous awards, including the 
ACM Grace Murray Hopper Award, the National Science Foundation Presiden¬ 
tial Young Investigator Award, and the U.C. Berkeley Distinguished Teaching 
Award. Ousterhout received a PhD in Computer Science from Carnegie Mellon 
University. 

John will be teaching a tutorial ‘Tntroduction to TclITk" and chairing the File 
Systems technical session at the 1996 USENIX Technical conference in San 
Diego, January 22-26,1996.] 

Rob: Now that you have joined the commercial world, how do you view the 
future of Tcl/Tk and its commercialization? 

John: I hope that my being at Sun will improve the free versions of Tcl and Tk 
and also create more opportunities for companies to use them commercially. We 
currently have a team of eight people at SunLabs working on improving the Tcl 
and Tk core software which we’ll continue to release freely. We’re also working 
on opening up the commercial possibilities for Tcl and Tk. For example, we’re 
setting up a Web-based storefront where people will be able to sell Tcl/Tk exten¬ 
sions and applications. We hope that this will stimulate the development of more 
Tcl/Tk products and enrich Tcl and Tk as a programming environment. 

Rob: Why is Sun investing a lot of money developing free software? 

John: There are two answers to this question. The first answer is that Sun bene¬ 
fits internally from Tcl and Tk. There are more than thirty groups within Sun 
using Tcl and Tk, and the improvement in efficiency that Tcl and Tk provides to 
these groups offsets much of the cost of my team. The second answer is that we 
expect to generate additional revenue for Sun from Tcl and Tk. The core software 
will always be free, but we will also build development tools, extensions, and 
applications that we’ll sell. One example is SpecTcl, an interactive GUI builder 
that we’ll be releasing soon. SpecTcl will probably be free in the early versions, 
but eventually people will have to pay for it. Perhaps the biggest challenge to our 
group is to find a way to balance the free nature of Tcl and Tk with the need of 
any company to generate revenue. 

Rob: Does free software make sense in today’s world? 

John: Yes. I think that the importance of free software has increased in recent 
years with the development of the Internet. Free software and the Internet are 
symbiotic. On the one hand, much of the interesting Internet software is free, 
such as the base protocol stacks that came out of CSRG’s BSD system. On the 
other hand, free software needs a free distribution channel and the Internet pro¬ 
vides such a channel. There are now many significant pieces of free software, 
including the GNU tools, Perl, Tcl/Tk, and Mosaic, to name just a few. Compa¬ 
nies have traditionally shied away from free software, but I think that this will 
become increasingly expensive for them to do. 


34 ;login ; vol. 20 . no 6 



FEATURE 


Rob: But isn’t free software poorly supported when com¬ 
pared to commercial software? 

John: Many people would claim just the opposite. Free 
software tends to be surrounded by communities of gurus 
who provide advice and bug fixes freely and quickly. I look 
at it like this: if a piece of free software has more than about 
10,000 users, then it will be pretty reliable, reasonably easy 
to learn, and fairly well maintained. If it didn’t have these 
features, it wouldn’t get that many users: non-experts 
wouldn’t use software with these attributes, and if there are 
10,000 wizards using a piece of flaky software, they’ll sim¬ 
ply fix it. Thus I think a company can feel safe using any 
piece of free software with a large user community. 

Rob: The Perl guys seem to be doing a good job of interfac¬ 
ing the Perl programming language with the Tk toolkit. 
Where does this leave Tcl? Will it still be the language of 
choice for driving Tk? 

John: People should use whatever tools they feel most 
comfortable with. Tcl and Tk were designed together, so the 
relationship between them is likely to be particularly 
smooth. On the other hand, Perl has many attractive features 
such as its string-handling facilities, and there is a large 
community of Perl-lovers. I’m delighted to see that Perl and 
Tk can be used together. I think it’s unlikely that either Tcl 
or Perl will totally eclipse the other, because they have dif¬ 
ferent sets of strengths and weaknesses. Tk is also being 
used by several other languages ranging from Python to ML. 

Rob: Your academic career was in high gear when you 
chose to switch to the commercial research world. Looking 
back over the last year or two, what are the main changes, 
strong points, and challenges that you see in your work life? 

John: In many respects things haven’t changed much for 
me. I still work with a team of about a half-dozen people; I 
still try to build software that other people can really use, 
and I still spend a fair amount of time educating other peo¬ 
ple. The main difference is that now I can focus more on the 
development and product aspects of Tcl and Tk. I’m a neo¬ 
phyte at the business issues related to computer software, 
and it’s been lots of fun to learn more about them. The big¬ 
gest challenge for the next few years is to create markets 
around Tcl and Tk so that lots of companies can profit from 
using and enhancing Tcl and Tk. Ultimately, I think this is 
the best way to guarantee that Tcl and Tk survive over the 
long term. 

Rob: Are you considering other new languages or tools for 
the future? Or is Tcl/Tk going to be a long-term commit¬ 
ment that uses up all your time? 


John: For at least the next few years, Tcl and Tk will soak 
up all of my available cycles. Over the longer term. I’m sure 
that I’ll find lots of interesting things to work on besides Tcl 
and Tk, but I don’t have any specific plans right now. 

Rob: Long ago there was a rumor of a Tcl/Tk-based browser 
for the World Wide Web. Do you envision such a thing for 
the future? 

John: Stephen Uhler, one of the engineers in the Sun Labs 
team, built a Tcl/Tk Web browser last spring as an experi¬ 
ment. It took only about 2000 lines of Tcl/Tk and one month 
of his time to build it, yet it has roughly the functionality of 
Mosaic (full support for HTML levels 1 and 2). It’s a very 
cute implementation: the basic HTML parser is about ten 
lines of Tcl code that perform regular expression substitu¬ 
tions on the HTML to turn it into a Tcl script. We decided 
that the world probably doesn’t need another Web browser 
right now, but Steve has released the core library, which dis¬ 
plays HTML in Tk text widgets. People may find this useful 
for embedding HTML support into other applications. The 
library is available in the standard Tcl/Tk FTP directories. 

Rob: Are you continuing capital-R Research or mostly 
devoting time to commercial ventures? 

John: Perhaps I’m a bit more development-oriented nowa¬ 
days, but I’m not sure that there’s been a big change. I’ve 
always tried to build systems that are useful to people while 
also exploring new concepts. When I was at Berkeley, this 
put me at the most applied, pragmatic end of the research 
spectrum. Even though I’m in industry now I still hope to 
explore new concepts in my work; this will probably put me 
at the most researchy end of the development spectrum. 

Rob: Do you have any statistics you can share about pro¬ 
ductivity gains using Tcl/Tk? 

John: I wish I had good statistics on this; unfortunately, all 
I have is anecdotes. I used to feel nervous claiming an order 
of magnitude reduction in development time with Tcl and 
Tk, but I’ve heard so many stories of huge productivity 
gains that I’m no longer embarrassed to make the claim. 
One typical story came from an engineer who had spent six 
months implementing 15,000 lines of C-H-i- code for a user 
interface; he spent less than a month learning Tcl and Tk 
and reimplementing the entire system. The Tcl/Tk version 
was only 750 lines of code and had more functionality than 
the original system. People who have used Tcl and Tk virtu¬ 
ally never challenge the lOx claim and many people have 
told me that lOx is too conservative. 


DECEMBER 1995 ;login \ 35 



FEATURE 


The Web Master: 
Context-Sensitive Web 
Pages with CGI 

by Dave Taylor 
< taylor@intuitive. com> 

There are two ways to look at the World Wide Web today, in 
my view. Either it’s a virtual, massively extended book with 
thousands upon thousands of pages of static information, 
each with an additional sprinkling of hyper-refs, or it’s a 
completely new medium where for the first time informa¬ 
tion can be unique for each recipient, published, formed and 
composed on-the-fly. Then again, perhaps it’s somewhere in 
the middle. Indeed, there are two waves of Web weavers, if 
I can mix my metaphors a bit. There are those who consider 
the basics of hypertext markup language, or HTML, are all 
the tools they need, then there are those who eschew such 
simple solutions, opting instead for smart, dynamic Web 
documents that instantaneously change and are - perhaps - 
even self aware. 

Accomplishing the former goal is easy and I’m sure that 
anyone in USENIX can master the arcane markup language 
in a weekend, producing cool pages that contain informa¬ 
tion of value or interest to the rest of the online community. 
It’s the latter trick that I’d like to talk about in this column, 
the ways that you can have smart pages and smart function¬ 
ality: call them Common Gateway Interfaces. 


The Mutant Brother In the Attic: CGI 

Okay, I’ll admit it here: the Web, and all that it’s spawned, is 
ugly and pretty much a huge hack. It’s somewhat of a mira¬ 
cle that it works as well as it does, and that it appears so 
seamless, when underneath it’s weird and remarkably 
inconsistent. It’s not just the markup language itself, mind 
you, but the actual protocol and even the way that the server 
identifies the type of information being sent to the client that 
is so strange. 


It all kinda works like this: 


□ 

Client PC 



content of file Seiver 


This is the simplest case: the client program, the Web 
browser, asks for a specific file using its address or Uniform 
Resource Locator (URL). The server looks for it and if it 
finds it, sends back the contents of the specified file. If not, 
an error ensues and you get an ugly one liner like “404 File 
not found.” 

The thing of it is, however, instead of “send me back the 
contents of a file,” what if the request was actually more 
akin to “run this program and send me the output?” Better, 
what if the program itself could output information in the 
Web markup language - HTML - so that the results would 
be attractive and consistent? That’s what interactivity is all 
about on the Web, and that, due to the hacked nature of the 
Web, turns out to be a bit trickier than you might hope. 

In order to have a program, rather than a file, be the target of 
a URL, you can simply write something that outputs HTML 
code. Worst case, something like the following would do the 
trick: 

#!/bin/sh -f 

echo "Content-type: text/html" 
echo "" 

echo "<HTML><BODY>" 
echo "<Hl>Hello World</Hl>" 
echo "</BODY></HTML>" 
exit 0 

It’s a simple shell script, but don’t rush off and try to do this 
on your machine yet, because the Web server program typi¬ 
cally only executes programs in certain directories on the 
server, most commonly “cgi-bin” (Common Gateway Inter¬ 
face Binaries). If you can drop programs into that directory 
on your server (and it can be anywhere in your file system: 
check with the person who built the server - or look in the 
config files - to find out where this directory lives), you’re 
ready to roll with simple programs, chmod the file to ensure 
it’s executable, and figure out the full URL including your 
hostname. (For my testing, it was http:!ItesthostIcgi-bin! 
hello.sh). Any output that your program emits is sent, as is, 
to the client program (browser) on the other end of the wire. 
Show what time it is, for example, by including date in the 
script, or who’s logged in with who. Remember, though, the 
output is HTML, so you’ll want to wrap things up to format 
correctly. Here’s a very simple example: 

#!/bin/sh -f 

echo "Content-type: text/html" 
echo "" 

echo -n "<hl>Welcoine to " 

hostname 

echo -n "It's " 

date 

echo "</hl>" 

echo "Here's Who is Logged In Right Now:" 

echo "<BLOCKQUOTE><PRE>" 

who 

echo "</PRE></BLOCKQUOTE>" 
echo "</BODY></HTML>" 
exit 0 


36 ;login : voL. 20 . no 6 





FEATURE 


The output is going to be something like: 

Welcome to test.intuitive.com 
It's Fri Oct 6 14:06:41 CUT 1995 

Here's Who is Logged In Right Now; 

sol pts/2 Oct 06 00:48Cserver.iadfw.net) 
taylor pts/5 Oct 06 13:56 {dtaylor.vip.best) 

Not too gorgeous, but quite utilitarian and the basis for 
some interesting status scripts and such. Let’s have a look. 

The Environment Wrapped up 
in the CGI Transmission 

Interestingly, the request for a URL from the client comes 
wrapped in a package that contains various snippets of use¬ 
ful information. When they get to the CGI program, they’ve 
become part of the calling environment. Here’s a simple 
script that lets you see what you’ve got: 

#!/bin/sh -f 

echo "Content-type: text/html" 
echo "" 
echo "<PRE>" 

env I 1 printenv # SVR4 or BSD - skip errors 
echo "</PRE>" 
exit 0 

And here’s the output. You can see what kind of client I’m 
using if you look closely at the myriad of data points 
dumped onto the screen. 

DOCUMENT_ROOT=/home/httpd/htdocs 
GATEWAY_INTERFACE=CGI/1.1 
HTTP_ACCEPT=*/*, image/gif, 
image/x-xbitmap,image/jpeg 
HTTP_USER_AGENT=Mozilla/l.IN 
(Macintosh; I; 68K) 

PATH=/bin:/usr/bin:/usr/ucb:/usr/bsd:/ 
usr/local/bin 
QUERY_STRING= 

REMOTE_ADDR=205.149.165.109 
REMOTE_HOST=dtaylor.vip.best.com 
REQUEST_METHOD=GET 

SCRIPT_NAME=/cgi-bin/sprint/test.sh 
SERVER_NAME=www.2sprint.net 
SERVER_PORT=80 
SERVER_PROTOCOL=HTTP/1.0 
SERVER_SOFTWARE=NCSA/l.4.2 

One point of frustration for marketing folks here is that 
there’s no remote login name or email address in this set of 
information. The best you can get automatically from a con¬ 
nection - today - is their remote hostname (variable 
remotejost) and the type of system they’re running 


(variable http_user_agent). You can extract the specific 
browser with a couple of simple UNIX tools: 

x=""echo $HTTP_USER_AGENT | 
sed 's:/: :g''" 

browser="^echo $x | cut -d\ -fl'" 

The sed invocation replaces the slash that separates the 
browser from its version ID so we’ve got arguments sepa¬ 
rated by spaces, then cut is giving us the first field (word) 
in the argument as variable browser. 

There are a ton of different browsers on the net today, but a 
small number represent a large fraction of the user popula¬ 
tion. Here are some of the most common user agent identifi¬ 
cation strings: 

HTTP_USER_AGENT=Lynx/2-4 -2 libwww/2.14 
HTTP_USER_AGENT=Microsoft Internet 
Explorer/4.40.308 (Windows 95) 
HTTP_USER_AGENT=Mozilla/0.96 Beta 
(Windows) 

HTTP_USER_AGENT=Mozilla/l.IN 
(Macintosh; I; PPG) 

HTTP_USER_AGENT=Mozilla/l.22 
(Windows; I; 32bit) 

HTTP_USER_AGENT=NCSA Mosaic for the 
X Window System/2.4 libwww/2.12 modified 
HTTP_USER_AGENT=NetCruiser/V2.00 
HTTP_USER_AGENT=PRODIGY-WB/l.3e 
HTTP_USER_AGENT=Spyglass Mosaic/1.0 
libwww/2.15_Spyglass 

Now, let’s say you have two versions of the same Web page, 
one for people with graphic capability, and another for those 
using the utilitarian Lynx text-only Web browser. Here’s 
how you can do it: 

#!/bin/sh -f 

echo "Content-type: text/html" 
echo "" 

x=""echo $HTTP_USER_AGENT | 
sed 's:/: :g''" 

browser="'echo $x | cut -d\ -fl'" 

if [ $browser = "Lynx" ] ; then 
echo here is the lynx file 
else 

echo here is the graphical file 
fi 

exit 0 

One drawback to this approach, of course, is that you now 
have to maintain two parallel HTML pages with the same 
basic information inside. 

Instead, how about using the familiar if def notation that’s 
all over C programs within an HTML file? We can do this 
because it turns out that in a typically UNIX way, the C com¬ 
piler uses a preprocessor, cpp, that’s a stand-alone program. 
Here’s what we’d like to have inside our source document: 


DECEMBER 1995 ;login : 37 



FEATURE 


#if BROWSER == Lynx 

lots of text-oriented tags 

#else 

big image map for graphics users 

tendif 

buried in the middle of an otherwise unremarkable HTML 
document. Certainly easier to maintain! 

For this discussion, let’s assume that it’s only the home page 
that needs to be delivered in this context-sensitive fashion. 
Instead of a home page of http: 11 hostname!--taylorl 
home.html, we’ll use http:!/hostname!cgi-binItayloKhtml, 
which looks like: 

#:/bin/sh -f 

sourcef ile=''/home/taylor/public_html/home. html" 
OPTS="" 

echo "Content-type: text/html" 
echo "" 

echo "<CENTER>Processing file <tt> 
$sourcefile</tt></CENTER>" 

x="^echo $HTTP_USER_AGENT | sed ’s:/::g''^ 
browser=''^echo $x | cut -d\ -fl'" 

if [ $browser = Lynx ] ; then 

OPTS="-DLYNX" 

elif [ $browser = Mozilla ] ; then 

OPTS="-DNETSCAPE" 
fi 

if [ : -f $sourcefile ] ; then 
echo "<B>Can't find file $sourcefile</B>" 
else 

echo "<HR><BLOCKQUOTE><PRE>" 
sed 's/</\&lt;/g;s/>/\&gt;/g' $sourcefile 
echo ''</PRE></BLOCKQUOTE><HR>'' 
if t X$browser = X ] ; then # no browser 
specified 

/usr/lib/cpp -C -P $sourcefile 
else 

/usr/lib/cpp -C -P -DBROWSER=$browser 
$OPTS $sourcefile 
fi 
fi 

exit 0 

The HTML file can now have the conditional lines sprinkled 
therein without further ado, and, depending on the type of 
browser the client uses, the results can be quite different. 
Even more cool, this also gives you something that I’ve 
wanted in my HTML files for a long time: a #include 
capability to grab the text of another shared file as I go 
along. Here’s how a super-simple HTML file could look 
expecting the pre-processor to go through it: 

<HTML><BODY> 

<BASEFONT siZG=5> 

#ifdef BROWSER 

<CENTER>You are running BROWSER as your 
Web cliGnt</CENTER> 

<HR> 


#endif 

Hello and welcome to my home page! 

<P> 

#if NETSCAPE 

<B>You're a Netscaper!</B> 
ttelif LYNX 

<B>Ahhh... text only, eh?</B> 

#else 

<B>What kind of browser is BROWSER?</B> 

#endif 

#else 

<B>You don't have a browser defined?</B> 

#endif 

</BODY> 

</HTML> 

This exact same approach can allow you to have information 
on pages that’s only displayed to people within your own 
company (set a variable based on the domain 
remote_host) or perhaps a disclaimer for students or non¬ 
profit organizational members visiting your site (domain = 
edu or org). 

Here’s a piece of a shell script that extracts and sets variables 
for the type of client program, topmost domain, and primary 
host domain (that is, if you’re coming in from 
'kitten.usenix,org\ TOPMOST=org and domain= 
usenix. org): 

TOPMOST=""echo $REMOTE_HOST|rev|cut-d.-f1 | rev'" 
DOMAIN=""echo $REMOTE_HOST|rev|cut-d.-f1,2|rev'" 

Note the double use of the obscure UNIX rev command 
which reverses characters in the line. By reversing the 
remote domain name (to gro.xinesu.nettik) I can get the first 
field only (-f i to cut) as the topmost domain, and the first 
two fields as the regional domain. Then flip it back with 
another call to rev and it works great! 

Finally, you can also have conditional HTML code based on 
the time of day, load of the machine, and so on. Whatever 
you can imagine, you can implement! 

Another Server Response Trick 

One nuance of CGI response that I find quite cool is that if 
your program emits a line Location : url with some valid 
URL for a page anywhere on the network, the connection to 
the server is dropped and that page is fetched as the reply to 
the query. That is, say I’m at usenix.org and have a CGI 
script elsewhere. sh in the cgi-bin directory. It’s a tiny 
script, looking like this: 

#I/bin/sh -f 

echo "Content-type; text/html" 
echo "Location: http://www.acm.org/" 
echo "" 
exit 0 


38 ;login : vol. 20 . no. 6 



FEATURE 


You connect to the URL http:Hwww.usenix.orglcgi-binl 
elsewhere.sh and what’s returned is actually http.ifwww. 
acm.orgi. Make sense? 

So what can you do with this? The most obvious answer is a 
random forwarding service, a so-called URL roulette, where 
you connect to this URL and it randomly picks another from 
a file and sends you there instead. Sort of like this pseudo¬ 
code: 

randomurl = 'pick-random-line-froin 
urllist' 

print "Location: " $randoniurl 

More interestingly, you can combine what we’ve been 
exploring to have a page that takes people to the home page 
of their browser 

#!/bin/sh -f 

echo "Content-type: text/html" 

x="'‘echo $HTTP_USER_AGENT | sed 's:/::g’'" 
browser="'echo $x | cut -d\ -fl'" 

case $browser in 

Cello ) loc=http://www.law.Cornell.edu/cello/ 
cellotop.html; ;; 

Spyglass ) loc=http://www.spyglass.com/ 
three/index.html; ; ; 

Lynx ) loc=http://www.cc.ukans.edu/ 
about_lynx/about_lynx.html; ;; 

NCSA ) loc=http://WWW.ncsa.uiuc.edu/SDG/ 
Software/; ;; 

Mozilla ) loc=http://WWW.netscape.com/; ;; 

NetCruiser ) loc=http://www.netcom.com/ 
faq/; ;; 

Microsoft ) 

loc=http://WWW.windows.microsoft.com/ 
windows/ie/ie.htm; ;; 

* ) loc=http://WWW.yahoo.com/; ;; 

esac 

echo Location: $loc 
echo "" 

exit 0 

If we don’t know what to do with their browser, we send 
‘em to Yahoo! 

Next Issue 

That’s it for this column. In the next issue of ;login: I’ll 
tackle the question of how specific information can be sent 
from the client to the CGI program using FORMS and how 


your CGI programs can be written to process and respond to 
the information therein. 

Thanks to James Armstrong for his help on debugging these 
shell scripts. 

The NetBSD Project: 

A Highly Portable 
UNIX-like System 

by Charles Hannum 
<mycroft@netbsd,org> 
and John Kohl 
<jtk@kolvirMrc.ma, us> 

NetBSD is a freely distributable UNIX-like operating system 
which runs on a wide variety of hardware platforms and 
runs programs targeted for several other operating systems. 
NetBSD comes with full source code, and can be obtained 
from FTP and SUP (CMU’s Software Upgrade Protocol) 
servers around the world. See the end of this article for more 
information on obtaining NetBSD. 

A Brief Timeline 

The NetBSD project began in early 1993. The goals of the 
project were simple: to make a stable and portable system, 
initially based on UCB’s Networking/2 release, and port it to 
as much different hardware as was reasonable. Largely, 
these goals have been achieved. 

NetBSD 0.8 was released in April 1993. This was the first 
public release of NetBSD, and was based on Bill Jolitz’s 
port of BSD to IBM PC compatibles, 386BSD. NetBSD 0.8 
ran only on PCs, and was intended as a quick bug-fix release 
for 386BSD, but also included some improvements, includ¬ 
ing a mostly platform-independent SCSI subsystem. 

NetBSD 0.9 was released in August 1993. It included, 
among other things, a new, more general execve () imple¬ 
mentation, a new physio () implementation, a new imple¬ 
mentation of ring buffers for the tty system, and a new 
implementation of the buffer cache. In short, most of the 
“seven files” (files that Berkeley omitted from the Net/2 dis¬ 
tribution for legal reasons) were rewritten. At this point, 
work was under way to port NetBSD to other platforms. The 
hp3(X) port from Net/2 was already included in the source 
tree, but wasn’t yet reliable enough for mass consumption. 

NetBSD 1.0 was released in October 1994, with binary 
releases for Amigas, HP 9000 series 300 and 400s, PCs, 
Macintoshes with 68k CPUs, PC532s, and some models of 
SPARCstations. Major changes in this release included 


DECEMBER 1995 ;login: 39 



FEATURE 


dynamically linked shared libraries, incorporation of signif¬ 
icant portions of the 4,4BSD-Lite release from UCB, support 
for several more hardware platforms, multicast, significant 
reengineering of older kernel subsystems, and a new math 
library based on Sun’s freely distributable fdlibm. Binary 
compatibility with SunOS for SPARC and most 68k plat¬ 
forms was also included, and compatibility with SCO was 
present but still under development. 

NetBSD 1.0 represented a milestone in the free software 
community: the first free, fully-functional UNIX-like system 
available for multiple hardware platforms. Some of this 
work has already been used in other operating systems, and 
some of it has been given back to Berkeley for inclusion in 
4.4BSD-Lite2. 

The next release of NetBSD, version 1.1, will include sup¬ 
port for several more hardware platforms (including a 64-bit 
port to DEC Alpha machines), significantly more advanced 
binary emulation (including iBCS2, Linux, OSF/1, SunOS, 
SVR4, Solaris, and Ultrix, on various platforms), newer 
multicast support (including enhancements developed for 
NetBSD), and expanded networking support (including 
ARCnet). These are items which are already available, but 
may be improved by that time. There are many more things 
under development but not yet widely available. 

For people feeling adventurous, there are daily snapshots of 
the current development sources (called NetBSD-current) 
available via FTP and SUP. Many people use NetBSD-cur¬ 
rent, and they are often a valuable source of information to 
developers about bugs and other deficiencies. 

Organization 

The NetBSD project is a loosely knit organization of volun¬ 
teers around the world who communicate primarily via the 
Internet. Indeed, the “Net” in “NetBSD” does not refer to 
networking software, per se, but is intended as a tribute to 
the Internet, without which the project would not exist. 

There are several classes of people who contribute to Net¬ 
BSD, some of which overlap: 

• The “core group.” These are the people who are “in 
charge” of the project. They maintain core services, like 
the CVS server and the mailing lists, and sometimes 
make final decisions on technical issues. 

• The port maintainers. These are the people responsible 
for ports to specific hardware platforms. They make 
decisions about what goes in their port, and in most cases 
contribute significantly to the development for that port. 

• Users. These are the people who actually use NetBSD for 
other work. They provide bug reports, feedback, and 
contributions of code. 

40 ;login : vol. 20 . no. 6 


In general, the people who know most about a specific area 
of the source take charge of it, and deal with bugs and con¬ 
tributions to that area. There are other people who can fill-in 
when those people are not available. This organizational 
structure has proven fairly successful, because it eliminates 
the single point of failure present in many other free soft¬ 
ware projects. 

The NetBSD project is organized to foster development of 
the system; it is not geared toward promoting the project. 
Although the developers will, when asked, describe the 
code’s capabilities and expected future directions, they pre¬ 
fer to devote energy to creating, maintaining, and porting 
the system. 

Portability And Modularity 

As was mentioned earlier, portability was one of the pri¬ 
mary goals of the NetBSD project. Because NetBSD runs on 
a wide variety of hardware, people can use their existing 
hardware (e.g., SPARC, i386, m68k boxes) to participate in 
the project. 

To improve the system’s portability, several of the kernel 
subsystems have been generalized: 

• The SCSI subsystem is split into a three-level structure, 
with specific host adapters at the lowest level, modules 
for specific types of SCSI devices at the highest level, and 
a crossbar in between so that each host adapter can com¬ 
municate with each device type, without one device 
needing to know specific details about the other. A new 
host adapter driver can be written without modifying any 
other code. 

• The audio subsystem is split into a two-level structure, 
with a generic queueing and mixing interface at the top, 
and support for specific devices at the bottom. 

For the most part, porting to a new machine involves 
writing CPU-specific support (MMU manipulation and 
trap handling) and writing device drivers for new busses. 
Even the Alpha port (initially for TurboChannel-based 
machines), which required writing new CPU support, 
writing a significant amount of new device driver sup¬ 
port, and making the kernel 64-bit clean, was up and run¬ 
ning fairly reliably in about 4 months. Ports to “easier” 
targets (e.g., other 68k-based machines) can be done in a 
matter of weeks. 

• As was also mentioned previously, NetBSD also includes 
binary emulation of several other operating systems. A 
few kernel subsystems were generalized to support this 
more readily: 

• The execve () subsystem was split into two major por¬ 
tions: one which deals with copying argument lists and 



FEATURE 


creating new process contexts, and one which does work 
that is specific to a particular type of executable. The 
high-level system reads in the executable header, and 
asks each “exec module” to try to handle that particular 
executable. When a module accepts the executable, it 
does whatever is necessary to load the image and set up 
the stack, and records which emulation is in use, by 
installing a pointer to a switch table for that emulation. 
(This is similar to the “image activators” in VMS.) 

• On many platforms, trap, system call, and signal han¬ 
dling varies depending on the emulation. Using the infor¬ 
mation recorded by the exec module, the syscall handler 
uses a different system call table, signal handlers, and 
signal trampolines, and converts signal numbers and 
error numbers. 

• Each emulation contains a set of system call adapters, 
which convert from the target system’s system call 
semantics to the native semantics. In some cases, this 
involves converting data structures that are in the user’s 
address space, and a somewhat general facility is pro¬ 
vided for emulators to do this. 

• To deal with file system naming conflicts, file name look¬ 
ups in most emulations are handled by first looking up 
the name in an “alternate root” named after the emulation 
(e.g., /emul/ibcs2 for iBCS2 executables). This allows 
installing shared libraries and compiled terminfo data¬ 
bases for several different systems. 

Some specific examples of programs which run under emu¬ 
lation are: 

• BSD/OS for i386: Netscape Navigator, Mosaic, and LBL 
MBONE tools. 

• iBCS2 for i386: WordPerfect. 

• Linux for i386: DOOM, Xess, Maple, WINE, MIT 
Scheme, LBL MBONE tools, Netscape Navigator and 
Mosaic. 

• SVR4 for i386: FrameMaken 

• SunOS for SPARC: OpenWindows, Island Draw, Word¬ 
Perfect, Netscape Navigator, Mosaic, LBL MBONE tools. 

The binary emulation strategy is aimed at making the emu¬ 
lation as accurate as possible. While some other systems 
have settled for not making signal handling quite correct, or 
not dealing with file system conflicts, this was not consid¬ 
ered acceptable for NetBSD. 


Future Directions 

There are several notable projects planned for future 
releases of NetBSD, some of which are in various states of 
completion. Please note that the following list is by no 
means complete: 

• Support for more hardware platforms. 

• Kernel support for an independently developed DOS 
emulator. 

• Support for PCMCIA (including hot-swapping) and APM 
(including preemptive shutdown of devices). 

• Kernel support for threaded programs. 

• Symmetric multiprocessing. 

• Integration of improvements from the 4.4BSD-Lite2 
release, when it is available. 

• Better standards compliance. 

In addition, a group at INRIA is working on an implementa¬ 
tion of IP version 6 for NetBSD. 

How To Contribute 

The NetBSD project welcomes contributions of quality 
source code, hardware, and/or financial support. They 
strongly prefer that source code be contributed with a “Ber- 
keley-style” copyright notice and license, which allows 
redistribution in source and binary forms as long as due 
credit is given as to the origin of the code. This license 
grants recipients the freedom to use, modify, and even sell 
the code or derivative works. The NetBSD project is com¬ 
mitted to providing a freely-available source code base - 
this makes it simple for academic and industrial organiza¬ 
tions, as well as individuals, to use the NetBSD source code 
for their own purposes. 

Where To Get It 

For more information on the NetBSD project, see http:!I 
www.netbsd.orgl ox ftp:!!ftp.netbsd.orglpub!NetBSD I. For 
information on NetBSD-related mailing lists, send a blank 
message to <majordomo@netbsd.org>, or see http:ll 
www.netbsd.orglMailingListsI. The USENET comp.unix. 
bsd.netbsd."^ groups are devoted to discussion about Net¬ 
BSD, although they are rarely read by most of the people 
doing development. 


DECEMBER 1995 ;login : 41 



STANDARDS 


The following reports are 
published in this column: 

• POSlX.n 

• POSIX.la: System API 

Our Standards Report Editor, 
Nick Stoughton, welcomes dia¬ 
logue between this column and 
you, the readers. Please send any 
comments you might have to 
<nick@usenix.org>. 


An Update on Standards Relevant 
to USENIX Members 

by Nicholas M. Stoughton 
USENIX Standards Report Editor 
< nick@usenix. org > 

Report on POSIX.n: Working On The Trailing Edge 

Last summer, at the Boston USENIX, the talk was all about Encryption. The air 
was hot with discussion about Phil Zimmerman and PGP, the latest news about 
RSA, Public Key Encryption, and the Clipper chip. This year, at the September 
LISA 95, the talk was all about electronic commerce. The standards industry has 
yet to come to grips with either of these issues ... within POSIX there was an 
encryption study group, but let’s face it, POSIX.la is still not a standard, and the 
biggest thing that now addresses is Symbolic Links, which I first remember play¬ 
ing with in 1981. The POSIX encryption study group has now been dissolved, 9 
months after its formation - presumably because the area was not ready for stan¬ 
dardization. Why are standards so far behind? 

Some people complain that it is the process that is too slow, devaluing the result 
of the standard even before it is finished. Chuck Severance, whose article on the 
US Technical Advisory Group (a misnomer if ever there was one!) argues this 
precise point. 

However, there are others who have looked at this, and arrived at the other end of 
the spectrum; the standards process should be slow if it is to have value. Stan¬ 
dards based on leading edge technology must, at best, be flexible enough, and 
insufficiently set in concrete, to allow the technology itself to mature. Competi¬ 
tion between differing implementations allows the users to choose the best solu¬ 
tion. Sometimes what users choose may be the best marketed, and not the best 
technically, but that’s life. 

People who want standards must learn to be patient. The process is slow, but it’s 
meant to be! The process forces a balance of users, vendors and academics to 
agree that what is in the standard is right for all of them. It is an open process, 
and driven by volunteer individuals. In most cases, some company is picking up 
the tab, but it is the individuals who actually do the work, not the companies. 

Working on the trailing edge may not be glamorous, but it is the right place for 
standards. 


Report on POSIX.la: System API 

Shravan Pargal reports on the July 10-15,1995 meeting in Nashua, NH 

The first meeting of the POSIX. 1 a working group under the new organization 
commenced with a plenary meeting of the entire System Services Working 
Group to elect a working group chair. Both Jay Meyer, chair of the former 
POSIX. 1 working group, and Joe Gwinn, chair of the former Realtime working 
group, were nominated. After some fine campaigning by both candidates. Jay 
Meyer was elected chair after a short ballot procedure. 

The new system services group now consists of: 

• Core interfaces (POSIX. 1 a), 

• SRASS(POSIX.lh), 

42 ;login \ 


VOL 20 


NO. 6 



STANDARDS 


• Realtime (POSIX.lb), 

• Removable Media (POSIX.Ik) 

• Transparent File Access (POSIX. 1 f) 

• Resource Limits (initially a part of POSIX. 1) and 

• Checkpoint/Restart (also initially a part of POSIX. 1) 

Joe Gwinn, as runner-up in the election for Chair, was 
appointed without contest as vice chair of the new working 
group. 

The POSIX.la document went through some major reorga¬ 
nization during this meeting. Having experienced signifi¬ 
cant difficulty in getting the checkpoint/restart and resource 
limits sections through the ballot process, it was decided to 
split this work off into two separate, new, projects. There is 
work to do on these areas, and the ballot group had alerted 
us to the fact that they weren*t yet ready for publication. 
New Project Authorization Requests (PARs) were submitted 
to the PAR Management Subcommittee (PMC) for these 
projects. The PMC agreed to recommend approval of the 
two new PARS. It was decided that separate ballot groups, 
separate timelines and separate resources were appropriate 
for each of the two PARs (and corresponding working 
groups). The new names for the working groups are check¬ 
point/restart (P1003.1m) and resource limits (PlOOS.lp). 

The resource-limits and checkpoint/restart sections of the 
POSIX.la document will be removed from there and will 
become the starting point for these new projects. 

Other hot topics in POSIX.la continue to cause long discus¬ 
sions, both in and out of the meeting room. How to deal 
with trailing slashes seems to be such a regular discussion 
item that the vice chair has even suggested we add it as a 
fixed agenda item for every meeting! 

The current standpoint on this, reflected in the last draft 
(draft 12), is to insist that a filename can only have one or 
more trailing slashes if it is a directory. The words currently 
talk about “as if a trailing /.” were appended. However, this 
still needs some work, but it is unlikely that the next draft 
will be any more tolerant of trailing slashes on non-directo¬ 
ries than draft 12. 

Another hot topic is the handling of group-ids when files are 
created. System V and BSD systems have totally different 
models here, and the original POSIX.1-1990 tolerated both. 
Attempts to settle on the BSD behavior have met with 
enough resistance that it now seems likely that both will 
continue to be tolerated. 

Almost all this discussion is driven from the ballot process 
for POSIX.la, currently trying to resolve issues on draft 12 


and get a draft 13 out to ballot around the end of the year. It 
is a long, slow job, as anyone who has been through a ballot 
must realize, and most of us are new to it in POSIX.la! 

Sometimes, changes are so deep into history that we cannot 
fathom the reason for them, and have to start all over again. 
For example, some requirements on f flush were changed 
between the 1988 and 1990, but no rationale was supplied at 
the time. What should be the effect of f flush on a stream 
opened for reading? Now we have to write rationale for this 
action that occurred five years ago! 


Open Systems, 

POSIX, and NT 

by Stephe Walli 
< stephe@srw, com > 

"Feds declare NT ^open system'; UNIX takes 
a hit" 

ComputerWorld news headline, July 31, 1995. 

That headline in ComputerWorld appeared, along with simi¬ 
lar ones in other trade publications, after a US Government 
bid-protest judgement was handed down in June, 1995. 
These news articles all claimed, more or less, that the Fed¬ 
eral Government had somehow declared Microsoft Win¬ 
dows NT to be an “open system;” that this action was 
somehow “not right” or “unfair;” that customers would not 
be able to tell sheep from wolves anymore; and that UNIX 
vendors had better watch out. 

In September, UniForum entered the fray with a UniNews 
editorial (Volume IX, Number 15) that was also forwarded 
to ComputerWorld to “correct” their original article. Unfor¬ 
tunately, this editorial was equally full of speculation and 
religion, and it got a few facts wrong. 

My biggest concern is that a public relying only on trade 
publications with attention-grabbing headlines might not 
understand the real issues and might blame or lose faith in 
well-developed, implemented portability standards such as 
the ISO C-standard, POSIX. 1, and the specifications based 
upon them such as the X/Open Single UNIX Specification. 

I was directly involved in the bid protest trial as an expert 
witness on POSIX related issues for the defense. (Yes, I 
worked for that side), I have been a long-time member of 
the IEEE POSIX community and care a great deal about its 
implementation and use. My involvement in that effort 
began as an application developer in the commercial world, 
caring about software portability and platform indepen¬ 
dence. 


DECEMBER 1 995 ;login \ 43 



STANDARDS 


In this article I will present the facts about the bid and its 
protests, describe the judgement based on those facts, and 
finish with a few opinions and observations on “open sys¬ 
tems,” POSIX, and NT. The information about the RFP, the 
proposals, the protests, and the judgement is taken from the 
decision document. While you may not agree with my opin¬ 
ions expressed at the conclusion, hopefully the facts will 
clear up some of the confusion brought about by the sound 
and fury that passed for news regarding this case. 

The Facts 

The US Coast Guard wanted to procure up to 25,000 new 
workstations (CGSW III) to take them through the next five 
to ten years, as they replaced an installed base of CTOS 
machines (CGSW II). These new machines were to be a com¬ 
bination of desktop workstations, departmental servers, and 
laptops. A suite of office automation applications (including 
an electronic mail facility) and an RDBMS were also to be 
provided. 

The body of existing Coast Guard CTOS applications was 
going to be replaced over time through the use of this 
RDBMS technology, as these applications are written in a 
very proprietary manner. (Historically, no use of the CTOS 
POSIX. 1 capabilities appears to have been made.) There was 
no intention of directly porting the existing application 
source code. The RDBMS technology was part of the pro¬ 
curement, and there were requirements that it adhere to NIST 
FIPS 127-1 for SQL. This would allow the re-developed 
applications (providing they were correctly developed) to be 
more easily ported to other RDBMSs adhering to the SQL 
FIPS when necessary in the future. 

The RFP described the Coast Guard’s desire to move in a 
standards-based “open systems” direction for future work, 
taking the definition of open systems from the NIST Applica¬ 
tion Portability Profile (NIST Special Publication 500-187). 
To this end, the Coast Guard RFP required that proposed sys¬ 
tems adhere to a number of standards for specific compo¬ 
nents (such as the SQL-based component mentioned above). 
They specified that each machine proposed provide a FIPS 
151-2 certificate (POSIX. 1) and that the bid winner commit 
to expanding their POSIX support by providing POSIX.2 
(shell and utilities) and POSIX.4 (realtime interfaces) imple¬ 
mentations within 12 months of the effective date of a US 
Government FIPS in these areas. 

The RFP required “GOSIP” networking support, and this had 
ramifications for the email component of the procurement. I 
will not comment further on GOSIP, as my area of experience 
lies with POSIX standards and portability, not GOSIP. 

Value-for-Money considerations largely governed the open 
competition and over-all solution. As with many bids, cer¬ 


tain demonstrations were required before the bid was 
awarded, which in turn required the winner to pass further 
demonstrations. None of these demonstrations had anything 
to do with software source-code portability or interoperabil¬ 
ity. 

The Unisys Government Systems Group bid NT desktops 
and servers. There were two other bidders who made the 
short list. One bid “UNIX” i desktops and servers. One bid 
“UNIX” servers and different workstations that provided a 
POSIX. 1 implementation. 

Unisys was the apparent winner and went on to pass the 
additional demonstrations. 

The companies that did not win protested the award to Uni¬ 
sys. Protestor #1 complained that NT is not a “POSIX” com¬ 
pliant operating system. Protestor #2 complained that NT 
did not fulfill the “GOSIP” requirements. The bid protest 
process then ground into action with lawyers and technical 
experts entering the fray. 

The GSBCA (General Services Administration Board of 
Contract Appeals) merged the two protest actions into a sin¬ 
gle case as the two concerned the same procurement and 
involved similar allegations. The protests were amended to 
include specific reasons why the Unisys proposal did not 
fulfill RFP POSIX and GOSIP requirements (i.e., why NT 
wasn’t “POSIX” and “GOSIP”), whether the government 
customer knew what it was doing, whether or not the Unisys 
proposal failed to satisfy the customer’s “open systems” 
objectives, and certain concerns expressed about the condi¬ 
tions under which the platform demonstrations were exe¬ 
cuted. Recognize that this is what the protests claimed; the 
protestors then had to prove they were correct. 

Bid protests must be completed in 45 working days. During 
this intense period of time, about thirty lawyers, almost a 
dozen technical experts, and numerous factual witnesses 
from the Coast Guard, NIST, and the various vendors 
involved, testified to the facts, offered opinions and debated 
the meanings of terms and terminology in the RFP, the NIST 
procedures, and various other relevant (and irrelevant) doc¬ 
uments, building their respective cases for presentation to a 
panel of three judges. All the material was subjected to 
intense scrutiny by many people from different perspec- 


I UNIX is a trademark licensed exclusively through X/Open 
Company Ltd., and used in conjunction with an X/Open brand¬ 
ing program. When I use “UNIX” (in quotes) I am speaking of 
any one of the traditional operating systems of which there are 
many proprietary versions and some number of public versions 
available. Any other use of the “U”’ word will be appropriately 
placed in the context of the X/Open specification or brand pro¬ 
gram. The trade rag articles still don’t appear to appreciate the 
difference between “UNIX” and XPG4 UNIX. 


44 ;login : vol 20 . no 6 



STANDARDS 


tives. This decision was not the idle opinion of a few people 
arguing “open systems” religion. 

The protests were denied on all counts. Here is how this 
decision was reached, based on the “findings of fact” and 
discussion from the judges’ redacted decision. (GSBCA 
13201-P, 13211-P, C3, Inc., and TISOFT, Inc., v. General 
Services Administration, and UNISYS Corporation, June 9, 
1995 - released to the public in redacted form on June 30, 
1995.) 

NT is a HPS 151-2 certified system, and as such is a 
“POSIX-compliant” operating system [particular findings of 
fact are referenced in braces for those who care]: 

• FIPS 151-2 is a document that incoiporates the POSIX.l 
standard (IEEE Std 1003.1-1990 =- ISO/IEC 9945- 

1:1990) by reference, setting certain limits, and requiring 
certain optional functionality to be supported. {16} 

• The NIST certification process ensures that the results of 
a run of the authorized FIPS 151-2 test suite are valid. 
This test suite is not a guarantee of conformance, but 
contains test cases that cover the functionality as speci¬ 
fied by NIST in HPS 151-2. {35 } 

• A certificate of validation is awarded if everything is cor¬ 
rect. {36} 

• There is a component of the NT operating system that 
provides the POSIX.l specified functionality as defined 
by the NIST HPS 151-2 document. {43} 

• The NIST POSIX.l Conformance Test Suite (PCTS) has 
been run by an accredited testing lab on NT, and the test 
suite results were submitted to NIST and validated. The 
NT operating system received its certificate to this effect. 
{55,57} 

• NIST does not certify “operating systems” as “POSIX” 
conforming, neither do they test operating systems. They 
ensure that systems claiming to provide the functionality 
described in FIPS 151-2 (and the POSIX.l standard by 
reference) do so, regardless of how that functionality is 
implemented. {41} 

• The Coast Guard did not have any reason to constrain 
bidders (reducing competition) by choosing a particular 
style of implementation of the POSIX.l functionality. 
{20} The POSIX.l standard itself describes why applica¬ 
tion writers need not care about how a system provides 
the functionality. (IEEE Std 1003.1-1990, Section 
B.2.2.2, descriptions of “hosted implementation” and 
“native implementation.”) 

• POSIX.l does not specify an operating system. It is a 
specification of an interface to an operating system. {13} 


• POSIX.l was written in a minimal fashion, and it was 
expected that other “POSIX” standards would specify 
further interfaces that an operating system might pro¬ 
vide. {12,17} The US Coast Guard has certainly 
required further support. 

• Operating systems that implement the POSIX.l interfaces 
are often referred to as “POSIX-compliant” operating 
systems. {23,24, 25} (I personally hate this lack of accu¬ 
racy, but it appears to have become commonly abused 
terminology in our industry.) 

Part of the protest revolved around terminology in the RFP 
that the critical email and RDBMS applications “run under 
the POSIX operating system.” The simple answer to this in 
the judges’ decision is that these two applications run on 
NT, the NT platforms proposed had their HPS 151-2 certifi¬ 
cates, and therefore the applications run under the POSIX 
operating system. This simple logic does not begin to 
describe the painful debates that went on during the protest 
litigation. Essentially, 

• The language “run under” was used by the Coast Guard 
to prevent bidders from proposing solutions of these 
applications that were run using emulation. {31} 

• Every one agreed that there were other interpretations of 
the words “run under” and that a poor choice of words 
had been made, but there was no reason to doubt the tes¬ 
timony of the Coast Guard representative. {32, 33, 34} 

• The words did not mean that these two applications’ 
source code needed to be coded against POSIX, or ISO C 
or any other specification, as that is a source-code imple¬ 
mentation issue for the application implementors, based 
on their own portability needs and choices, and makes no 
difference whatsoever to the end-user of the application, 
in this case the Coast Guard. 

The issue that raises the most heat in this entire protest is the 
issue of whether NT fulfills the “open systems” direction of 
the Coast Guard. Unfortunately, this has been reported as 
“NT declared an open system.” No such declaration was 
ever made by anyone during this bid protest. 

Most of the debate focussed on how the POSIX.l functional¬ 
ity is accomplished on NT. The protests argued that the 
POSIX.l functionality is not integrated in a coherent fashion 
with the rest of NT, and that it therefore fails to meet the 
open systems’ requirements outlined in the Coast Guard’s 
OSE policy and planning objectives. This protest count was 
denied in the decision, as follows: 

• The protest count attempts to argue the acceptability of 
the Unisys proposal based on the Coast Guard’s OSE pol¬ 
icy and planning objectives, not the RFP requirements. 


DECEMBER 1995 ;login \ 45 



STANDARDS 


• The Coast Guard is clearly committed to moving in a 
standards-based open systems direction based on the 
minimum mandatory standards requirements that were 
imposed in the RFP. 

• The Coast Guard did not expect to accomplish its entire 
OSE objective at one fell swoop in this single worksta¬ 
tion bid. 

• There were obvious trade-offs made for competition and 
cost savings. 

• There were no requirements in the RFP that proposed the 
portability and interoperability be integrated in any par¬ 
ticular way or to any specific degree. There was no extra 
credit given during the evaluation period for the degree 
of portability or interoperability provided. 

• The Unisys proposal did provide the Coast Guard a 
greater degree of portability and interoperability than 
they have in their current workstation environment. 

In the words of the judges’ discussion: 

“Protestors are apparently convinced that the Unisys 
solution does not promote the Coast Guard’s open sys¬ 
tems environment objective as effectively as their own 
proposals would. Consequently, they speculate that the 
acceptance of the Unisys proposal will have serious 
long-range economic implications so far as future soft¬ 
ware conversion costs are concerned. This may or may 
not be true.” 

In my opinion, based on the stated problems to be addressed 
by this procurement, and the chosen application conversion 
methodology being the RDBMS using SQL, the future appli¬ 
cation conversion costs will probably be related to how pro¬ 
ficient the application development team is with SQL and 
the RDBMS, rather than anything to do with POSIX.l and 
ANSI C. The RDBMS happens to be the NT version of a tra¬ 
ditional “UNIX” database, so this should further aid the 
applications’ portability to other platforms supporting this 
particular RDBMS, even if the application developers use 
any proprietary extensions beyond SQL. 

The GOSIP related issues were apparently not well founded. 
There were no improprieties with respect to the demonstra¬ 
tions that needed to be performed by the apparent winner of 
the bid. The protests were denied on all counts. 

This decision was handed down on 9 June, 1995. An appeal 
could have been entered within the next 120 days, by Octo¬ 
ber 9th. No one appealed this decision. 

That was the procurement, the bid protests, and the subse¬ 
quent decision. Unfortunately, this entire incident degener¬ 
ated into religious debates about “open systems,” fueled by 
marketing rhetoric. As stated earlier, I am very concerned 


that this poor reporting and “open systems” rhetoric will 
damage the reputation of a set of useful portability stan¬ 
dards and specifications. 

Observations and Opinions 

As this topic seems so prone to “religious opinions,” and 
indeed I may also be as blinded by my own beliefs as any¬ 
one else, I remind readers that all the following opinions 
and observations are my own and should not be construed 
as representing anything other than that. 

First, I dislike the term “open systems.” It may be a useful 
term to describe very broad concepts involving source-code 
portability and application interoperability, but there its use¬ 
fulness ends. Source-code portability is considered one of 
the cornerstones of “open systems,” and so the POSIX fam¬ 
ily of standards is both blessed and burdened by its associa¬ 
tion with this general and sometimes ambiguous term. 

Presumably developers want to support portable software 
because more than a single computing environment is 
involved, or because they are investing in the application’s 
future, knowing that platforms will change. Some “open 
systems” proponents talk about source-code portability as if 
it is a perfect software development exercise, where all one 
has to do is purchase FIPS 151-2 certified, or XPG4 Base or 
UNIX 95 systems, and portable applications will “happen.” 
Even amongst traditional “UNIX” systems, source-code 
portability is a difficult and diverse software development 
problem. It is quite possible to write perfectly un-portable 
code on systems that support ISO C and POSIX.l. If source- 
code portability was easy and could be solved with a speci¬ 
fication alone, it would have been solved with the 
lusrigroup 1984 standard. 

The POSIX.l specification only represents part of the solu¬ 
tion. First, other POSIX projects add further functionality to 
this portability model. POSIX.l was never meant to be the 
complete solution. No specification, however, no matter 
how broad, can define everything that every application is 
going to need. 

Second, the actual building of portable applications source- 
code requires genuine understanding and real effort. Devel¬ 
opers may need to develop parts of an application in a very 
platform specific manner for a variety of reasons, even on 
systems certified and branded to conform to broad, robust 
specifications. It is unfortunate that POSIX.O (the POSIX 
Open Systems Environment Guide) and its various brethren 
(e.g., the NIST APP) have never described the amount of 
careful engineering that is required to actually implement a 
software development environment to support the develop¬ 
ment and maintenance of source-code portable applications, 
beyond the relatively simple task of itemizing standards in a 
profile. Source-code portability is an intensive application 
development concern. 


46 ;login : vol 20 . no, 6 



STANDARDS 


Vendors have a vested interest in the fact that people mov¬ 
ing from historical single-vendor environments to multi¬ 
vendor “open systems” environments often do not appreci¬ 
ate that portability is a difficult problem, requiring more 
than a specification on a programmer’s bookshelf, and a 
machine with a certificate. A vendor will pay a lot of lip ser¬ 
vice to your portability and interoperability needs - provid¬ 
ing you’re buying their solution. And in their eyes, they’re 
giving the customer exactly what they asked for. It is the 
customer’s problem if they don’t know how to use it. 

POSIX.l is amazingly successful. As a specification, it has 
existed and been stable since 1988. It has been incorporated 
and adopted into the most important portability specifica¬ 
tions around us (SVID3, 4.4BSD, X/Open’s XPG4 Base and 
its successor, the Single UNIX Specification). It has been 
widely implemented on systems as diverse as VMS, MVS, 
and MPE/iX, as well as most traditional “UNIX” systems. 
Most of these implementations are either certified by NIST 
against the FIPS 151-2 test suite, or warranted by an X/Open 
XPG4 brand. The predecessor to FIPS 151-2, FIPS 151-1, 
has existed almost from the time POSIX.l was ratified in 
1988. 

Which brings us back to a particular thorny implementor. 
Microsoft did indeed build an exact POSIX.l implementa¬ 
tion. Wherever the standard has allowed them to leave 
something unimplemented, they did so. These loopholes 
exist in the standard (and therefore in its FIPS) precisely 
because all of the “UNIX” vendors in the working and ballot 
groups allowed them to exist. All of these vendors were 
ensuring their proprietary implementations of “UNIX” 
didn’t have to change too much to conform to the standard. 
The NIST certification process itself offers certain leeway in 
the implementation (as allowed by the POSIX.l standard) to 
ensure a certain breadth of competition for federal bids. 
Microsoft exploited these specifications no more and no less 
than any other vendor. But they did provide an implementa¬ 
tion, and it is sufficiently robust to clear a rather large and 
robust test suite. 

Microsoft implemented POSIX.l as an environment sub¬ 
system, such that it is not completely integrated with the 
Win32 subsystem. Those that claim the integration aspects 
of the POSIX.l subsystem are a problem and that the sub¬ 
system should be more integrated with Win32 should stop 
and think about it a little more. I care about POSIX and the 
C-standard because I care about portable applications. I do 
not want to start using OLE calls, Win32 windowing calls 
and such in my application. This would make it very unport¬ 
able to any of the FIPS 151-2 certified or XPG4 Base 
branded machines that are available. 

But people in our industry love to beat on Microsoft. Ten 
years ago, we loved to beat on IBM. In general, I think that 


we like to beat on whoever appears to have the most arro¬ 
gant marketing campaigns, which presume that their solu¬ 
tion is the only solution. I cannot think of a single vendor’s 
sales team with whom I have had much patience. 

Microsoft treats standards much the same way this decade 
as IBM did through the eighties. Standards are something 
they will support by implementation to satisfy customer 
requirements, i.e., to compete in the market, but don’t nec¬ 
essarily support philosophically, since they most likely 
believe they already offer better solutions. The traditional 
“UNIX” vendors, however, don’t appear to be doing any¬ 
thing differently. 

Many vendors of traditional “UNIX” operating systems 
point to their “support for open systems standards,” and 
scoff at Microsoft. One might ask them why they haven’t 
yet branded their implementations as XPG4 UNIX 95? The 
X/Open Single UNIX Specification has existed for a year 
now, and its branding program has existed since March, 
1995. As a superset of POSIX.l and ISO C, XPG4 Base 95 
branded systems arguably offer a better base upon which to 
develop new portable applications, and XPG4 UNIX 95 
branded systems offer the extra bits to support porting his¬ 
torical “UNIX” applications to these platforms. All of the 
traditional “UNIX” vendors loudly proclaim their support 
for this effort, yet as of this writing not a single vendor has 
claimed the XPG4 UNIX 95 brand. Most cling to their XPG4 
Base (not even Base 95) and UNIX 93 brands, so marketing 
rhetoric and mud-slinging comes off sounding a little shal¬ 
low from my point of view. 

Regardless of the vagueness and overuse of the term “open 
systems,” developers are determining how best to use the 
standards and specifications that are particular to their 
needs, and buying platforms that provide implementations 
of the same and suit those requirements. This is what porta¬ 
bility specifications are all about - providing the systems 
analyst or applications developer the ability to choose plat¬ 
forms suited to their needs (price, performance, networking, 
etc.) while still maintaining as much portability as possible 
for the application source-code developed to a particular 
specifications model. Whether or not the platform is a 
“UNIX” machine, NT, VMS, MVS, or any other system 
doesn’t matter. It’s whether it supports the relevant specifi¬ 
cations (X/Open, POSIX, NIST FIPS) required by the applica¬ 
tion that matters. 


DECEMBER 1995 


;login : 47 



BOOK REVIEWS 


Books reviewed in this column: 

David Icove, Karl Seger, & William Von- 
Storch, Computer Crime. Sebastopol, 
CA; O’Reilly & Associates, 1995. ISBN 
1-56592-086-4. pp. 464. $24.95. 

D. Brent Chapman & Elizabeth Zwicky, 

Building Internet Firewalls. Sebas¬ 
topol, CA: O’Reilly & Associates, 1995. 
ISBN 1-56592-124-0. pp. 517. $29.95. 

Michael Jackson, Software Require¬ 
ments & Specifications. Reading, 
MA: Addison-Wesley [ACM Press], 

1995. ISBN 0-201-87712-0. pp. 228. 
$26.85. 

Paul DuBois, Using csh and tcsh. 

Sebastopol, CA: O’Reilly & Associates, 
1995. ISBN 1-56592-132-1. pp. 242. 
$24.95. 

Howard W. Johnson, Fast Ethernet. 
Upper Saddle River, NJ: Prentice Hall, 
1995. ISBN 0-13-352643-7. pp. 310. $42. 

Diane E. Kovacs, The Internet 
Trainer's Guide . New York: 

Van Nostrand Reinhold, 1995. ISBN 0- 
442-01978-5. pp. 240. $29.95. 

Prime Time Freeware for UNIX, 
Issue 4-2. Sunnyvale, CA: Prime Time 
Freeware, 1995. ISBN 1-881957-18-7. 2 
CDs. $60. 

InfoMagic, LINUX Developer's 
Resource. Flagstaff, AZ: InfoMagic, 
1995. 4 CDs. $25. (from sales@ssc,com) 

Paul W. Abrahams & Bruce A. Larson, 

UNIX for the Impatient. 2nd ed. 

Reading, MA: Addison-Wesley, 1995. 
ISBN 0-201-82376-4. pp. 824. $29. 

AEleen Frisch, Essential System 
Administration, 2nd ed. Sebastopol, 
CA: O’Reilly & Associates, 1995. ISBN 
1-56592-127-5. pp. 788. $32.95. 


The Bookworm 

by Peter H. Salus 
<peter@uunet.uu.net> 

Hard covers 

After several years of irritation, I thought I’d begin this column with another of 
my gripes about the publishing industry. I hate those shiny, plastic hard covers. I 
don’t mind most of the plastic-coated softcovers. And I acmally like hard covers 
with dust jackets. I have been told by several publishers that booksellers don’t 
like dust jackets. Tough. Bookstores sell books; they aren’t the ultimate purchas¬ 
ers. 

My complaint is not directed at any one publisher. In fact, once I verbalized my 
irritation, I went to my shelves and looked. MIT Press and O’Reilly seem to be 
able to manage putting dust jackets on hard cover books. Addison-Wesley and 
Prentice-Hall appear to be schizoid. AW’s Sloman anthology has a dust jacket; so 
does Humphrey’s Managing the Software Process (but not his Discipline for Soft¬ 
ware Engineering). All the “paint-stripe” volumes, the UNIX and Open Systems 
series, etc., are in ugly laminated covers. Prentice Hall’s Myths of Japanese Qual¬ 
ity has a dust jacket. Fast Ethernet doesn’t. 

I realize that this is merely indicative of the decline of society: dust jackets were 
initially intended to protect the bound volumes. In our throw-away society in 
which a new and revised (and larger and more expensive) edition is always just 
around the comer, technical books are not intended to last or be kept. “Who wants 
yesterday’s papers?,” the Stones sang 25 years ago. 

Who wants yesterday'is version? 

Well, here’s my suggestion: put everything into paperback and bind, say, 1000 
copies in cloth with dust jackets for the libraries and the individuals (like me) 
who prefer them that way (and will pay extra for them that way). An example of 
items I’d pay “extra” for are Bach’s Design of the UNIX Operating System (PH) 
and Leffler, et al. ’s Design and Implementation ... (A-W). I’ll keep these even 
though I have Goodheart & Cox and will get the 4.4 book when it appears. 

The Comer volumes (PH) and the Stevens books (A-W) are wonderful, but they 
are unattractive to the eye and offensive to the touch. 

High Anxiety 

Beginning with the worm in 1988 and moving through the arrest of Kevin Mit- 
nick, corporate America has become increasingly conscious of system and net¬ 
work security. Two interesting books in O’Reilly’s “Internet Security” series 
arrived this month; Computer Crime and Building Internet Firewalls. 

The first of these is by a trio of crime fighters, David Icove, who is with the Emer¬ 
gency Management Division of the TVA; Karl Seger, security consultant and 
author of the Antiterrorism Handbook', and William R. VonStorch, who is with 
the Naval Criminal Investigative Service. As one might imagine, this is not a 
technical book. But it made me much more aware of the resources that Congress- 
folk rely on as they try to legislate and which prosecutors rely on as they harass 
folks like Phil Zimmermann and Randal Schwartz. Computer Crime provides a 
lot of good solid data on just what computer crimes are and what to do if you dis¬ 
cover one. It also supplies the “profile” of the computer criminal, using the tech- 


48 ;login: vol. 20 . no. 6 



BOOK REVIEWS 


niques of the FBI, etc. My guess is that it has about as much 
validity as do the profiles of the Unabomber. 

On the other hand, Building Internet Firewalls, by Brent 
Chapman and Elizabeth Zwicky, is a must have. Cheswick 
and Bellovin introduced us all to firewalls, but it was a 
largely theoretical book by two implementors. Brent and 
Elizabeth have produced a genuinely practical volume limn¬ 
ing a variety of approaches on a range of platforms. Not only 
is this book useful, it is readable. Unlike most technical vol¬ 
umes, which appear to have been written by a Martian with a 
dictionary. Building Internet Firewalls is literate. It contains 
comprehensible glosses of terms and three useful appendi¬ 
ces. I could go on and on, but Fm sure that a real sys admin 
will do a long review of this. But it is a really fine job. I’m 
certain that everyone will need both Cheswick/Bellovin and 
this volume. Brent and Elizabeth deserve our collective 
thanks for their work. 

Software specs 

Mentioning glosses brings me to Michael Jackson’s work on 
requirements and specifications. These are not topics that 
really “grab” you, but they are important ones. The book 
puts together 75 short essays on requirements analysis, spec¬ 
ifications and software design in a Lexicon, a combination of 
dictionary and encyclopedia. It’s an interesting book, but it is 
very narrow in its point of view; there is only one mention of 
Humphrey, none of the SEI, and no mention of David Til- 
brook who has published brilliant work on the software pro¬ 
cess for nearly 15 years. 

Nutshells 

For nearly a decade I was a csh user (no, I haven’t been to 
drug rehab). Around March I began using zsh as well. But I 
think the C shell is still the one I prefer. DuBois’ small book 
on csh and tcsh is a handy one. It contains the usual intro¬ 
ductory information as well as a large number of nifty tricks 
and useful tools. It is far better than those folding cards, 
inscribed rulers, and posters of csh. I especially liked 
DuBois’ pointing out useful things in tcsh that aren’t in csh 
(like extra completions). A solid and useful Job. Now what 
about a book on zsh? 

Metcalfe's Children 

There’s little question that Bob Metcalfe’s invention of the 
Ethernet revolutionized the business office. But, by and 
large, the network standard ISO 8802.3/IEEE 802.3 is for 
10Mbps. For a lot of folks, this is too slow. Fast Ethernet is a 
proposed 100Mbps standard (802.3u). Fast Ethernet is an 
overt piece of propaganda for this new technology. Johnson 
has done a good job and there is a lot of hard-core informa¬ 
tion in this volume. Unfortunately, the history chapter is the 
weakest. I recommend that interested readers skip pages 3- 
13. For those who care, Metcalfe’s Harvard dissertation was 


Packet Communication, It is being published (for the first 
time!) by Peer-to-Peer and may be out by the time you see this 
column. 

Teaching 

More and more this past year. I’ve been asked to either teach 
or recommend a good book on about nearly every topic I can 
think of for beginners. Well, Kovacs has done an excellent job 
for those among us who have to teach neophytes about the 
Internet, Don’t moan. This is a hands-on book that addresses 
the problems of Internet training and supplies the would-be 
instructor with both tools for creating course outlines and sam¬ 
ple overheads with suggestions about presentation and evalua¬ 
tion procedures. 

More CD-ROMs 

No sooner did I review Prime Time Freeware 4-1, than they 
sent me 4-2. Two more CDs. 5GB (50(X)MB) of Freeware. A 
neat book of nearly 200 pages. It has both tcsh and zsh. 
Outta sight. 

I also got a 4-CD Linux set from InfoMagic. It’s relatively 
cheap and has lots of stuff on it. The QuickStart works fine, 
too. It feels like generic BSD with a few additions. Unfortu¬ 
nately, it occasionally crashes (in a very ugly fashion -1 rec¬ 
ommend backups) and what looks like vi, isn’t. But it’s 
certainly a bargain - an unsupported one, though. 

Second comings 

Going from the first edition to the second, Abrahams and Lar¬ 
son’s UNIX for the Impatient has increased from 559 to 824 
pages. The new edition is based on the POSIX specs and the 
POSIX.2 utilities. There is also much more on emacs and on 
ksh. In a chic manner, WWW is included: the section is so 
brief and the information so scant, that one wonders why. 
Fashion, I suppose. I liked, but was unexcited by the first edi¬ 
tion; I’m not sure I’m enraptured by the second. 

On the other hand, AEleen Fisch has done a super job updating 
what was a very good book. I liked it in 1992.1 like it better 
now. It has a new appendix on Linux. 

Christmas/Chanukah List 

As in previous years, here (in no particular order) are some of 
the books I’ve liked best this year: 

1. Kelly-Bootle, The Computer Contradictionary, (MIT Press) 

2. Wright/Stevens, TCPIIP Illustrated, Volume 2 (Addison- 

Wesley) 

3. Schneier, E-mail Security (Wiley) 

4. Nemeth, et al., UNIX System Administration Handbook 2nd 

ed. (Prentice Hall) 

5. Brooks, The Mythical Man-Month 2nd ed. (Addison-Wes- 

ley) 


DECEMBER 1995 ;login \ 49 



BOOK REVIEWS 


6. Chapman/Zwicky, Building Internet Firewalls 
(O’Reilly) 

7. Libes, Exploring Expect (O’Reilly) 

8. Landauer, The Trouble with Computers (MIT Press) 

9. Zimmermann, Official PGP User's Guide (MIT Press) 
and, immodestly, my own 

10. Salus, Casting the Net (Addison-Wesley). 

Happy holidays and good reading. 

Last year several readers pointed out that my list was in 
numerical order. This was, indeed, true. This year’s list is 
also associated with numbers; those numbers do not reflect 
values of the books associated with them. Whew! (Did I get 
it right this time?) 

Creating Cool Web Pages With HTML 

by Dave Taylor, IDG Books, 1995, ISBN: 1-56884-454-9, 
244 pp. 

Reviewed by George W. Leach 
<gwll@gte.com> 

This book is an introductory examination of building Web 
pages with HTML. It does not cover how to connect to the 
Internet, nor does it attempt to explain how to use the Inter¬ 
net. Therefore the reader should be somewhat acquainted 
with the Internet and all of its services (FTP, telnet, gopher, 
etc.). These services and more are touched upon in terms of 
how they are accessible via Web pages. 

The first couple of chapters provide the reader with a brief 
introduction of hypertext documents, Web pages, accessing 
Internet services such as FTP via a Web page and URLs 
before diving into the main theme of the book, HTML. 

Chapter Three introduces the reader to most of the elemen¬ 
tary HTML tags, gradually making improvements to a sim¬ 
ple letter to illustrate the utility of each tag. The raw HTML 
and corresponding display in a Web browser is shown for 
each incremental improvement to the document in order to 
reinforce the descriptions in the chapter. After eighteen 
pages, the reader is ready to create some simple HTML doc¬ 
uments. 

Chapters Four through Seven explore additional text for¬ 
matting features and embedding links in HTML. Covered 
are text styles (bold, italic, underline, etc.), lists (definition, 
numbered and bulleted), special characters (&, <, >, etc.), 
embedding comments within HTML, adding internal links, 
links to other Web pages, graphics and Internet resources. 
Chapters Three through Seven provide the reader with all 
the basics of HTML. 

Chapter Eight delves into advanced topics such as incorpo¬ 
rating images, audio, and video into HTML documents. Of 


particular interest in this chapter is the discussion of various 
image formats and references to software for creating and con¬ 
verting images into the GIF standard used in Web browsers. 

The author discusses the Macintosh, Windows and UNIX plat¬ 
forms as they relate to image production and conversion. 
Examples are taken from actual Web sites, such as the Com¬ 
puter Literacy Bookshops, PC Week, and the Wentworth Gal¬ 
lery. The author not only presents screen shots and the 
corresponding HTML, but also critiques the designs. 

The final four chapters of the book present various NetScape 
extensions to HTML, most of which are part of the FTTML 3.0 
spec, tools for searching the Web (Yahoo, Lycos, WebCrawler, 
etc.), and how to design Web pages to facilitate the use of 
these tools, announcing new Web sites to the community, 
image maps, HTML forms, CGI server implementations and 
HTML+. While none of these chapters goes into much detail, 
plenty of pointers are provided to various Web sites where 
additional information may be obtained. A glossary of terms 
and a quick HTML Reference are provided in the appendices. 

Taylor’s informal writing style in this book combined with the 
numerous screen shots and example listings of HTML make 
this book an ideal introduction for the Internet novice and for 
the experienced Internet user seeking to learn about HTML. In 
addition, the wealth of URLs provided to the reader will enable 
the novice to explore on-line examples of HTML usage, as well 
as tools and information regarding the creation of Web docu¬ 
ments. 

The book includes a DOS-formatted disk which contains sam¬ 
ple HTML files corresponding to the figures in Chapters Three 
through Twelve. Unfortunately, the only reference to the 
examples on disk appears along with the installation instruc¬ 
tions on the very last page of the book. A section on how to 
use the examples while reading the book would be helpful in 
the introduction. Also included on the disk are supporting GIF 
files, an audio file, and a Web browser to view them with. The 
specific browser is winWeb from EINet, which requires MS 
Windows. Total disk space requirements are slightly over one 
Meg. 

There are a number of problems with the figures in the book 
corresponding to the example files on the disk. However, the 
author provides corrected files for the book that may be 
obtained from the home page {http:llwww,mecklerweb,com! 
'^taylorilDG!coolweb.html). Also, the filenames of the vari¬ 
ous . HTM files don’t make it easy to locate the source for a par¬ 
ticular figure. Names such as FIG5 - 3 . htm rather than 
HERB2 . HTM would make life easier for someone wishing to 
examine the raw HTML source and to tie it back to a figure in 
the book. 

The browser, the samples, and the $19.95 price provide the 
reader with an easy, inexpensive way to learn about HTML. A 
Macintosh version of the book, browser and examples is also 
available. 


50 ;login : vol 20 . no 6 



SOFTWARE REVIEWS 


Caldera Network Desktop 

by David J. Fiander 
<davidf@golem.waterloo.onxa> 

The Caldera Network Desktop (CND) is the latest attempt to produce a commer¬ 
cially viable product based on freely distributable source. Caldera, however, has 
managed to sweeten the pot with some interesting licensed software, both bundled 
and separate. The CND is built on a foundation of an existing Linux distribution: 
the “Red Hat Commercial Linux” distribution. Caldera adds value to Red Hat by 
providing Novell Netware client software (licensed from Novell), the Visix 
“Looking Glass” desktop metaphor. What the preview lacks is documentation and 
support. 


As with books, software deserves 
its own review section. So, here it 
is, to be included whenever we 
have reviews of software to 
present. Submissions are encour¬ 
aged. 


Caldera goes to a great deal of trouble to make you aware that what you’re buying 
is “not ready for prime time” software. There are some rough edges, and some 
things that should work together don’t (the desktop help buttons generate errors 
rather than information). If they smooth the rough edges this will be a very impor¬ 
tant product in the future, especially since many applications essential for main¬ 
stream acceptance are already on the way (WordPerfect and Mathematica are the 
most obvious ones). 

The Major Components of CND 

Red Hat Linux 

Not being one that follows the Linux repackaging industry closely, I can’t say too 
much about Caldera’s choice, except that it is a solid, easily installed distribution, 
with good support for software package management. Red Hat’s “RPP” system for 
managing software installation and removal is simplicity itself. I’ve had problems 
with the Slackware “package tool” in the past, but the RPP commands worked 
without difficulty. Caldera has added value by writing a visual interface called 
“LIM,” Linux Installation Manager, which lists what’s available, and what’s 
installed; you just have to point and click to get the packages you want. 

Novell Netware 

That Caldera has licensed Novell netware client code and provides it in the base 
system bodes well for their success on the corporate desktops. While UNIX 
weenies may shudder at the thought of Novell, it is the most popular networking 
solution in the corporate world today. The netware client seemed a little slow to 
me, but then, I couldn’t really compare it to a DOS netware client. 

Looking Glass Desktop 

I played with the desktop for a bit, but not too long. Since I already have an X 
environment, I just moved my config files into place and did without. Some time. 
I’ll go back and configure everything exactly to my liking. The biggest problem 
with the desktop right now is that there’s no documentation on configuring the 
system in depth. If you want to adjust your default editor, or display file names 
rather than icons, you can do that, but if you have a special application that you 
want to launch automatically, based on filename extension, then you’ll have to fig¬ 
ure it out for yourself. 


Why Not to Get CND 

Unless you have access to two computers on the net, don’t install this. Because of 
its low price, Caldera is providing neither telephone nor individual email support. 


DECEMBER 1995 ;lOgin : 51 


SOFTWARE REVIEWS 


You are encouraged to submit problems to support® 
caldera.com, but you have to check-in with their Web page 
to see if your problem has made it to the list of known prob¬ 
lems. Since Linux 1.2.8 doesn’t seem to recognize my 
Adaptec 1542B SCSI controller (which BSD/OS 1.0 and 2.0, 
and Linux 1.2.1 all had no problems with), I’m glad that I 
had an NCD on the table in my office to surf the net. (I wan¬ 
dered on downstairs to computing services and swapped the 
1542B for a 1542C and the problem went away.) 

Installing the CND 

Like everything else today, the CND comes as an ISO 9660 
CD with Rock Ridge extensions and a staple-bound installa¬ 
tion handbook. Unlike most other things, however, that’s all 
that comes with it. You get to build your own boot and 
install/root floppies from images stored on the CD. So, 
unless you can “dd” images from the CD onto 3.5” floppies, 
or mount the CD on a DOS box and do the same sort of thing 
with a provided utility, you’re out of luck. 

The installation documentation is pretty straight-forward. 
Unlike most PeeCee OS installations, you’re expected to 
know what hardware there is in your computer, but that’s 
common for real operating systems. The documentation is 
organized a little strangely: there’s a section of questions 
about your system and its configuration that you need to 
know the answers to, followed by the actual installation 
instructions, which don’t necessarily use all the information 
you gathered for the first section. 

Step 28 (out of a total 81) in the Caldera installation instruc¬ 
tions is '‘Check back in 20-45 minutes.” That’s the kind of 
installation instruction I like to see. 

The “express install,” which loads almost everything you 
need to be network enabled, as they say, has some interest¬ 
ing quirks when it comes to package selection. For example, 
it installs xdaliclock, but not the packages containing 
uu{en , de] code and tset. 

On the documentation side of things, the man pages all 
install nicely, but there’s no whatis file, so you have to 
either generate it by hand, or wait for a cron job to do it at 
the end of the week. Then again, once you do have a what¬ 
is file, the apropos command has been altered by some¬ 
body who is clearly not an experienced shell programmer, 
and is thus virtually useless (deleting a caret from a regular 
expression solved the biggest problem). 

Back to being “network enabled,” there’s no news reader 
installed by default. Perhaps that this is because everybody 
prefers a different one, but that’s easily worked around by 
asking which one the user prefers and installing that one, or 
providing a default for people who haven’t used UNIX news 
readers before. 


Using the System 

I’m not doing any serious work on my desktop; I use CND as 
an X server, and news client. I have built a few things off the 
net (I’m something of a language dilettante) with no problems, 
but that’s the closest I’ve gotten to “development.” The only 
problem I encountered was that under heavy load the XFree X 
server died with a floating point exception. Fortunately, I didn’t 
lose much work. Perhaps Caldera should consider adding the 
“X Inside” commercial accelerated X server, as BSDI has. 

The system seems to be (ultimately) targeted to non-UNIX peo¬ 
ple. System administration is presented as something done 
with visual “tools” from the desktop, and not with an editor on 
raw configuration files. I found the “Don’t edit this file” com¬ 
ments in /etc/printcap and others a bit annoying. Part of 
this may be solved by reorganizing the express install and 
restructuring some of the packages. For example, I use uuen - 
code a lot more than I use xdaliclock. Then again, a non- 
UNIX person probably wouldn’t be able to figure out that after 
you’ve installed a news reader, you still need to install the 
inn - inews -only package in order to be able to post news. 

What's Missing? Documentation. 

I’ll give Caldera the benefit of the doubt and assume that the 
lack of any documentation for the desktop (among other 
things) will be resolved by the time the final product ships. 
That being said. I’m a little concerned about the lack of hard¬ 
copy documentation, and Caldera probably won’t be resolving 
that issue in the future. 

While I can understand the desire of software manufacturers to 
reduce costs and, to some extent, keep from scaring the cus¬ 
tomer, I’m not impressed with OS distributions that arrive with 
a “Getting Started” manual and a list of recommended reading 
that I have to order from O’Reilly, especially since O’Reilly is 
quite happy to sell books to OS vendors. But then, Microsoft 
started the trend by shipping a networking OS with no real doc¬ 
umentation. In the 1980s, everybody complained about how 
nobody shipped documentation on-line; now, it’s time to com¬ 
plain that nobody ships documentation off-line. When your 
system has crashed hard, and you’re trying desperately to sal¬ 
vage something, having the documentation on the scragged 
disk isn’t too useful. 

Conclusions 

If you’re not afraid of things that don’t just work right out of 
the box, then I think that buying the CND preview is a good, 
inexpensive way to get a real OS on your desktop, while pre¬ 
serving your investment in existing commercial applications 
like WordPerfect and Netware. The preview is still not some¬ 
thing that I’d install in a mission critical setting, but then the 
folks at Caldera would probably shudder at the thought of 
somebody attempting to do that anyway. 


52 ;login : vol 2o . no. 6 



ANNOUNCEMENTS & CALLS 


1995 USENIX Technical 
Conference 

January 22-26,1995 - San Diego 

Registration Information 

Attendees registering by December 15 can save $50 on 
technical sessions fees and $50 on tutorial fees. Phone 714 
588 8649 for more information or visit the USENIX Web 
page: http:UwwwMsenix,org. 

Tutorial Program 

Monday and Tuesday, January 22 - 23, 1995 
Monday Tutorials 

Advanced UNIX Security: Threats and Solutions 
Matt Bishop, University of California, Davis 

IP version 6: An Introduction - New 
Richard Stevens, Consultant 

Creating a Web Site with HTML and CGI - New 
Dave Taylor, Intuitive Systems 

An Introduction to UNIX Kernel Internals: Data Structures 
and Algorithms 

Dr. Marshal Kirk McKusick, Consultant and Author 

An Introduction to Tcl and Tk 
John Ousterhout, Sun Microsystems 

The Kerberos Approach to Network Security 
Dan Geer, Open Market, Inc. 
and John Rochlis, BEN Planet 

Sendmail Inside and Out - Updated for Sendmail 8.7 
Eric Allman, Pang(ea Reference Technologies 

An Introduction to System Performance Tuning - New 
Marcus Ranum, Information Warehouse!, Inc. 

Windows 95 and Windows NT for UNIX Programmers - 
New 

Douglas A. Hamilton, Hamilton Laboratories 

Topics in System Administration 

Trent Hein, XOR Engineering, and Evi Nemeth, 

University of Colorado, Boulder 

The Law And Individual Rights on the Net: Privacy, Ano¬ 
nymity, and Other Issues 

Daniel Appelman, Heller, Ehrman, White, and McAulijfe, 
Johan Helsingius, Oy Penetic Ab 


Tuesday Tutorials 

UNIX Security Tools: Use and Comparison - New 
Matt Bishop, University of California, Davis 

Joining the Internet Safely using UNIX and Firewalls 
Tina Darmohray and Marcus Ranum, 

Information Warehouse!, Inc. 

UNIX Network Programming 
Richard Stevens, Consultant 

What’s New in Networking - New 

Rik Farrow, Consultant, and Dave Taylor, Intuitive Systems 

BSD Network Internals: 

Data Structures and Algorithms - New 
Michael J. Karels, Berkeley Software Design, Inc. 

Advanced Programming with Tcl/TK - New 
Stephen Uhler and Brent Welch, 

Sun Microsystems Laboratories 

Java - A Language for Providing Content on the World 
Wide Web-New 

Jim Waldo, Sun Microsystems Laboratories 

Beginning Perl Programming for UNIX Programmers- 

Updated for Perl V5 

Tom Christiansen, Consultant 

Understanding Linux Inside and Out - New 
Michael K. Johnson, Linux Journal 

IP Network Administration 

William LeFebvre, Argonne National Laboratory 

Preliminary Technical Program 

Wednesday, Thursday, and Friday, 

January 24-26, 1996 

Wednesday, January 24, 1996 

9:00-10:30 
Opening Remarks 

Robert Gray, U S West 

Keynote Address: Nature and Nurture - The Interplay 
of UNIX and Networking 

Van Jacobson, Lawrence Berkeley National Laboratory 


DECEMBER 1995 ;login : 53 



ANNOUNCEMENTS & CALLS 


11:00-I2!30 
File Systems 

Session Chair: John Ousterhout, Sun Microsystems 
Laboratories 

Scalability in the XFS File System, Adam Sweeney, Silicon 
Graphics 

A Comparison of FFS Disk Allocation Policies, Keith A. 
Smith and Margo Seltzer, Harvard University 

AFRAID -A Frequently Redundant Array of Independent 
Disks, Stefan Savage, University of Washington, and John 
Wilkes, Hewlett-Packard Laboratories 

Invited Talk: Linux: Architecture, Experiences, and 
Future, Linus Torvalds, University of Helsinki 

2:00-3:30 
OS Extensions 

Session Chair: Darrell Long, University of California, 
Santa Cruz 

A Comparison of OS Extension Technologies, Christopher 
Small and Margo Seltzer, Harvard University 

An Extensible Protocol Architecture for Application-Spe¬ 
cific Networking, Marc E. Fiuczynski and Brian N. Ber- 
shad. University of Washington 

Linux Device Driver Emulation in Mach, Shantanu Goel 
and Dan Duchamp, Columbia University 

Invited Talk Panel Discussion: 

Opinions on Recent Legal Decisions 

Moderator: Ed Gould, Digital Equipment Corporation 

Panelists: Dan Appelman, Partner, Heller, Ehrman, White, 
and McAuliffe; Mitch Dembin, Assistant US Attorney - 
Chief, Financial Fraud Section; Mike Godwin, Staff Coun¬ 
sel, Electronic Frontier Foundation 

4:00-5:00 

Multimedia 

Session Chair: Brent Welch, Xerox PARC 

Calliope: A Distributed, Scalable Multimedia Server, 
Andrew Hey bey, Mark Sullivan, and Paul England, 
Bellcore 

Simple Continuous Media Storage Server on Real-Time 
Mach, Hiroshi Tezuka and Tatsuo Nakajima, Japan 
Advanced Institute of Science and Technology 


Invited Talk: Cryptography in the 21st Century, Bruce 
Schneier, Counterpane Systems 

Thursday; January 25, 1996 

9:00-10:30 

Networks 

Session Chair: John Kohl, Atria Software 

Eliminating Receive Livelock in an Interrupt-driven Kernel, 
Jeffrey Mogul, Digital Equipment Corporation, Western 
Research Laboratory: K. K, Ramakrishnan, AT&T Bell 
Laboratories 

Implementation of IPv6 in 4.4 BSD, Randall Atkinson, 
Daniel McDonald, and Bao Phan, Naval Research Labora¬ 
tory; Craig Metz, Kaman Sciences Corporation; Kenneth 
Chin, Naval Research Laboratory 

Supporting Mobility in MosquitoNet, Mary Baker, Xinhua 
Zhao, Stuart Cheshire, and Jonathan Stone, Stanford Uni¬ 
versity 

9:00-10:30 

Invited Talk: Why Threads Are A Bad Idea (for most pur¬ 
poses), 

John Ousterhout, Sun Microsystems Laboratories 

11:00-12:30 

Web 

Session Chair: Christopher Small, Harvard University 

World Wide Web Cache Consistency, Margo Seltzer and 
James Gwertzman, Harvard University 

A Hierarchical Internet Object Cache, Anawat Chankhunt- 
hod, Peter Danzig, and Chuck Neerdaels, University of 
Southern California; Michael F. Schwartz and Kurt J, 
Worrell, University of Colorado, Boulder 

Tracking and Viewing Changes on the Web, Fred Douglis 
and Thomas Ball, AT&T Bell Laboratories 

Invited Talk: Vmalloc: The Search Ends? 

Kiem-Phong Vo, AT&T Bell Laboratories 

2:00-3:30 

Works-In-Progress 

Short, pithy, and fun, WIP reports introduce new or ongoing 
work. If you have interesting work to share, or a cool idea 
that is not ready to be published, a Work-in-Progress report 
is for you. Your fellow attendees will give you insightful 
feedback. We are especially interested in the presentation of 
student work. To reserve your spot, send email to Peg Scha¬ 
fer at wips@usenix,org. 


54 ;login ; voL 20 - no. 6 



ANNOUNCEMENTS & CALLS 


Invited Talk: Forming a More Perfect Net Governance, 
Carey Eugene Heckman, Adjunct Professor of Law, Stan- 
ford Law School and iCo-Director, Stanford Law and Tech¬ 
nology Policy Center 

4:00-6:00 
Distributed Systems 

Session Chair: David Black, Opens Software Foundation 
Research Institute 

Implementation of a Reliable Remote Memory Pager, 
Evangelos P Markatos and George Dramitinos, Institute of 
Computer Science, FORTH, Crete 

Solaris MC: A Multi Computer OS, Yousef A. Khalidi, Jose 
M. Bernabeu, Vlada Matena, Ken Shirrijf, and Moti 
Thadani, Sun Microsystems Laboratories 

A New Approach to Distributed Memory Management in 
the Mach Microkernel, Stephan Zeisset, Stefan Tritscher, 
and Martin Mairandres, Intel GmbH 

Fault Tolerance in a Distributed CHORUS/MiX System, 
Sunil Kittur, Online Media; Francois Armand, Chorus 
Systemes; Douglas Steel, ICL High Performance Systems; 
Jim Lipkis, Chorus Systemes 

Invited Talk Panel Discussion; Selling Stuff that’s Free - 
The Commercial Side of Free Software 
Moderator: Mary Baker, Stanford University Panelists: Bob 
Bruce, Walnut Creek CD-ROM; William H. Davidow, Mohr, 
Davidow Ventures; Michael Tiemann, Cygnus Support; 
Linus Torvalds, University of Helsinki 

Friday, January 26, 1996 

9:00-10:30 

Protocols 

Session Chair: Jonathan Smith, University of Pennsylvania 

FLIPC: A Low Latency Messaging System for Distributed 
Real Time Environments, David L. Black, Randy Smith, 
Steven J. Sears, and Randall W. Dean, Open Software 
Foundation Research Institute 

An Analysis of Process and Memory Models to Support 
High-Speed Networking in a UNIX Environment, B, Mur¬ 
phy, University of Cambridge; S. Zeadally, University of 
Buckingham; C. J. Adams, University of Buckingham 

Zero-Copy TCP in Solaris, Hsiao-keng Jerry Chu, SunSoft, 
Inc. 

Invited Talk: Highlights from 1995 USENIX Conferences 


11:00-2:30 
Performance 

Session Chair: Miche Baker-Harvey, Digital Equipment 
Corporation 

A Performance Comparison of UNIX Operating Systems on 
the Pentium, Kevin Lai and Mary Baker, Stanford Univer¬ 
sity 

Imbench: Portable Tools for Performance Analysis, Larry 
McVoy, Silicon Graphics; Carl Staelin, Hewlett-Packard 
Laboratories 

Process Labeled Kernel Profiling: A New Facility to Profile 
System Activities, Shingo Nishioka, Atsuo Kawaguchi, and 
Hiroshi Motoda, Advanced Research Laboratory 

Invited Talk: CitySpace: Come Build It Yourself - A User- 
Extensible Virtual Environment for Real-time Play, Coco 
Conn and Zone Vella, Digital Circus Productions 

2:00-4:00 
Pot Pourri 

Session Chair: Matt Blaze, AT&T Bell Laboratories 

Cut-and-Paste File-Systems: Integrating Simulators and 
File-Systems, Peter Bosch and Sape J. Mullender, Univer- 
siteit Twente 

Predicting Future File-System Actions From Prior Events, 
Tom M. Kroeger and Darrell D. E. Long, University of Cal¬ 
ifornia, Santa Cruz 

Transparent Fault Tolerance for Parallel Applications on 
Networks of Workstations, Daniel J. Scales and Monica S. 
Lam, Stanford University 

Why Use a Fishing Line When you Have a Net? An Adap¬ 
tive Multicast Data Distribution Protocol, Steve Kotsopou- 
los and Jeremy Cooperstock, University of Toronto 

Invited Talk Panel Discussion: Technical Executive Sum¬ 
mary - 90 Minutes, 8 Talks, No Regrets 
Moderator: Keith Bostic, Berkeley Software Design, Inc. 

4:30-5:30 
Closing Session 


DECEMBER 1995 


;login ; 55 



2nd Conference on 


object-oriented technologies and systems (COOTS) 



Sponsored by the USENIX 
Association 

Important Dates 

Tutorial submissions due: Feb 7> 1996 
Paper submissions due: Feb 13> 1996 
Notification to authors: March 5, 1996 
Camera-ready final papers due: May Z 
1996 

Preliminary Program Committee 

Program Chair: Douglas C. Schmidt, 
Washington University 
Tutorial Program Chair: Doug Lea, 
SUNY Oswego 
Donald Box, Developmentor 
Kraig Brockschmidt, Microsoft 
David Chappell, Chappell and Associates 
Andrew Chien, University of Illinois, 
Urbana- Champaign 
David Cohn, University of Notre Dame 
Jim Coplien, AT&T Bell Labs 
Murthy Devarokonda, IBM Watson 
Research Labs 

Peter Druschel, Rice University 
Daniel Edelson, lA Corporation 
Nayeem Islam, IBM Watson Research Labs 
Dennis Kafura, Virginia Tech University 
Doug Lea, SUNY Ostwego 
Dmitry Lenkov, Hewlett-Packard 
Mark Linton, Silicon Graphics Inc. 

Vince Russo, Purdue University 
Jerry Schwarz, Declarative Systems 
Kevin Shank, Rochester Institute of 
Technology 

Michael Stal, Siemens AG 


Bjarne Stroustrup, AT&T Bell Labs 
Steve Vinoski, Hewlett-Packard 
Jim Waldo, Sun Microsystems Labs 

Overview 

The COOTS conference is intended to 
showcase advanced R&D work in object- 
oriented technologies and software sys¬ 
tems. The conference emphasizes experi¬ 
mental research and experience gain by 
using object-oriented techniques and lan¬ 
guages to build complex software systems 
that meet real world needs. 

Tutorials 

The COOTS conference will begin with 
two days of tutorials. The tutorial program 
will offer a selection of tutorials from 
among several tracks. We expect tutorial 
topics to include: 

Distributed object systems (CORBA, 
Network OLE, DSOM, etc.) 

C++ Standard Template Library 
Object-oriented network programming 

Design patterns for object-oriented 
systems 

Evolution of ANSI/ISO C++ 
standardization 

Concurrent object-oriented 
programming 

Efficient and effective framework design 
Alternative object-oriented languages 

Tutorial proposal submissions must be 
received by February 7, 1996. The pre¬ 
ferred form of submission is via electronic 


mail to the Tutorial Chair Doug Lea 
(dl^g.oswego.edu). Tutorials selected for 
presentation at the conference will be 
announced by February 20, 1996. 

Technical Session Topics 

Two days of technical sessions will follow 
the tutorials. We seek papers describing 
original work concerning the design, 
implementation, experimentation, and use 
of object-oriented technologies. Like the 
USENIX C++ conferences from which it is 
derived, COOTS emphasizes advanced 
engineering aspects of object technology, 
focusing on experimental systems research 
and development on distributed objects, 
multimedia, operating systems, compiler 
technology, and C++. While papers cover¬ 
ing work in C++ are strongly encouraged, 
the conference is broader in scope than its 
ancestors. In particular, we invite submis¬ 
sions describing results and work in other 
object-oriented or object-based languages. 

Potential topics include but are not 
limited to; 

Applications of, and experiences with, 
object-oriented technologies in 
various domains (distributed systems, 
multimedia, real-time systems, 
financial services, human/computer 
interface, etc.) 

Distributed object systems (CORBA, 
DCOM, DSOM, etc.) 

Implementations of commercial object 
infrastructures and reliable distributed 
objects (CORBA, NextStep, OLE/ 
COM, SOM, Isis/RDO, etc.) 


USENIXthe Advanced Computing Systems Professional and Technical Association. 

56 ;login : vol. 20. no. 6 




C++ standardization (STL, templates, 
implementation challenges) 

Object-oriented programming language 
development environments and tools 
(C++, Modula-3, EiflFel, etc.) 

Content-oriented languages for 
programming in the WWW (Java, 
Python, Obliq, Phantom, etc.) 

Interface description languages (DCE 
IDL, OMG IDL, etc.) 

Questions regarding a topic’s relevance to 
the conference may be addressed to the 
program chair via electronic mail to 
schmidt@cs.wustLedti, Proceedings of the 
conference will be published by USENIX 
and will be provided free to technical 
session attendees; additional copies will 
be available for purchase from USENIX. 

In addition, based upon feedback solic¬ 
ited at the conference from attendees, the 
program committee will select five papers 
to be published in revised and expanded 
form in a special issue of a suitable jour¬ 
nal. To help authors prepare these papers 
for publication, we will have one or more 
BOF sessions organized as “writers work¬ 
shops.” The writers workshop format has 
a group of “discussants” read the paper 
carefully before the session. During the 
writers workshop, the discussants 
examine the strengths and weaknesses of 
each paper, accentuating positive aspects 
and suggesting improvements in content 
and style. The author is “invisible” during 
this discussion, and is expected to take 
notes and revise the paper in accordance 
with the comments. 

Advanced Topics Workshop 

This years USENIX COOTS conference 
will conclude with an Advanced Topics 
Workshop. The goal of this workshop is to 
provide an informal setting in which to 
exchange in-depth technical information 
with your peers. This workshop will be 
open to authors of papers in the confer¬ 
ence, as well as participants who submit 
position papers related to the workshops 
topic. This topic will be determined several 
months before the conference and a Call 
for Position papers will be announced. Past 
USENIX C++ conferences have held 


Advanced Topics Workshops on a variety of 
topics including distributed object comput¬ 
ing and implementation issues related to 
C++ language features. 

What to Submit 

Technical paper submissions must be 
received by February 13, 1996. Full papers 
should be 10 to 15 pages (around 5,000- 
6,000 words). In lieu of a full paper, 
authors may submit extended abstracts 
that discuss key ideas. Extended abstracts 
should be 5-7 pages long (about 2,500- 
3,500 words), not counting references 
and figures. The body of the extended 
abstract should be written as complete 
paragraphs. The objective of an extended 
abstract should be to convince reviewers 
that a good, solid paper and presentation 
will result. Extended abstracts are intend 
to stimulate industrial participation and to 
allow publication of very current material. 

All submissions will be judged on origi¬ 
nality, relevance, and correctness. Each 
accepted submission will be assigned a 
member of the program committee to act 
as its shepherd through the preparation of 
the final paper. The assigned member will 
act as a conduit for feedback from the 
committee to the authors. Camera-ready 
final papers are due May 7, 1996. 

Please accompany each submission by a 
cover letter stating the paper title and 
authors, along with the name of the person 
who will act as the contact to the program 
committee. Please include a surface mail 
address, daytime and evening phone 
number, and, if available, an email address 
and fax number for the contact person. 

If you would like to receive detailed 
guidelines for submission and examples 
of extended abstracts, you may telephone 
the USENIX Association office at: 
510.528.8649, 

or email to 

cootsauthors@tisenix. org 
or to the program committee chair 

schmidt@cs. wustl. edu 
An electronic version of this Call for 
Papers is available on the World Wide 
Web. The URL is: http://www.usenix.org. 


The COOTS conference, like most con¬ 
ferences and journals, requires that papers 
not be submitted simultaneously to 
another conference or publication and 
that submitted papers not be previously 
or subsequently published elsewhere. 
Papers accompanied by non-disclosure 
agreement forms are not acceptable and 
will be returned to the author(s) unread. 
All submissions are held in the highest 
confidentiality prior to publication in the 
Proceedings, both as a matter of policy 
and in accord with the U.S. Copyright 
Act of 1976. 

Where to submit 

Please send one copy of a full paper or an 
extended abstract to the program commit¬ 
tee via one of the following methods. All 
submissions will be acknowledged. 

■ Preferred Method: email 
(Postscript or ASCII) to 

cootspapers@us€nix. org 

■ Alternate Method: postal delivery to 
USENIX COOTS Conference 

c/o Dr. Douglas C. Schmidt 

Department of Computer Science 

Washington University 

Campus Box 1045 

One Brookings Drive 

St. Louis, Missouri 63130-4899 

U.S.A. 

(TEL): 314.935.7538 
(FAX): 314.935.7302 

Registration Materials 

Materials containing all details of the 
technical and tutorial programs, registra¬ 
tion fees and forms, and hotel information 
will be available beginning in April 1996. 
If you wish to receive the registration 
materials, please contact USENIX at: 

USENIX Conference Office 
22672 Lambert St., Suite 613 
Lake Forest, CA USA 92630 
Tel: 714.588.8649 
Fax: 714.588.9706 
Email: conference@usenix.org 





4th annual tcl/tk workshop '96 



Call for Papers 

Sponsored by the USENIX Association 
July 10-13, 1996 in Monterey, California 



The fourth annual Tcl/Tk workshop, sponsored by the 
USENIX Association, will be held July 10-13, 1996 in 
Monterey, California. The workshop is a forum to: 

Bring together Tcl/Tk researchers and practitioners. 

Publish and present current work. 

Plan for future Tcl/Tk related developments. 

The workshop program will include formal presentations of 
papers and demonstrations, as well as informal demonstra¬ 
tions, work in progress sessions, birds of a feather sessions, 
and tutorials. 

This call provides information on submitting formal papers 
and demonstrations. Information on registration will be avail¬ 
able separately in April, 1996. 

Structure of Submissions 

Papers and demonstrations should report on original Tcl/Tk 
research. Example topics have included system extensions, 
novel Tcl/Tk based applications, reports on experiences build¬ 
ing particular applications, use of different programming 
paradigms within Tcl, and proposals for new directions. All 
work must be original, and not submitted elsewhere. The 
audience for the workshop is researchers and practitioners 
who are expert users of Tcl/Tk. 

There are three types of submissions; applications papers, 
general papers, and demonstrations. Both paper categories 
are limited to ten pages, and authors will be given a twenty 
minute time slot at the workshop. A full version of the paper 
must be submitted for review. Live demonstrations of software 
will be given a thirty minute time slot at the workshop, and a 
paper of up to four pages must accompany the demonstra¬ 
tion. Demonstrations are intended as a forum to highlight 


and describe innovative technologies having a highly visual or 
interactive component; they are not intended as a forum for 
marketing-oriented presentations. Detailed instructions on 
submission format appear below. 

Applications papers have typically proven difficult to write. 
Authors considering submission of these types of papers 
are encouraged to consider the following common causes 
of rejection: 

Paper is blatant marketing material for commercial product. 

Insufficient background on application domain so that the 
audience cannot follow; excessive use of domain specific 
buzzwords. 

Too much information on the application, but not enough 
on the relevance of Tcl/Tk to the application. 

Too little consideration of how the Tcl/Tk community 
could benefit from experiences; limited generalizability. 

Application only illustrates a routine usage of Tcl/Tk. 

Detailed Submission Instructions 

We are accepting workshop submissions electronically, via 
email. Submissions should be sent as both plain text (with no 
extra markup), and as PostScript (formatted for an 8.5 x 11 
page). When submitting PostScript, please strive to ensure 
that your file can be printed on a variety of printers. If 
accepted, both electronic and camera-ready hardcopy of the 
final version will be required. 

Applications papers and general papers must be full length 
versions, and not just abstracts. Papers may be a maximum of 
ten pages in length. If accepted, we would encourage use of 
brief video clips or demos during the presentation. If you think 
you may use AV equipment other than standard overheads or 


USENIX", the Advanced Computing Systems Professional and Technical Association. 


58 ;login : vot. 20. no 6 



35mm slides, please make a note of it on the cover sheet 
described below. This information is not used to judge your 
submission, but will assist in organizing the final program. 

Submissions for demonstrations must prepare a paper of up 
to four pages in length describing the demonstration and pro¬ 
viding further background; this will appear in the workshop 
proceedings. Submitters are encouraged to submit additional 
material supporting their demonstration for review, such as a 
storyboard or outline. If you would like to submit other mate¬ 
rial, such as videotapes, contact the conference chairs for more 
information. 

This workshop, like most conferences and journals, 
requires that papers not be submitted simultaneously to 
another conference or publication and that submitted papers 
not be previously or subsequently published elsewhere. 

Papers accompanied by “non-disclosure agreement” forms are 
not acceptable and will be returned to the author(s) unread. 
All submissions are held in the highest confidentiality prior 
to publication in the Proceedings, both as a matter of policy 
and in accord with the U.S. Copyright Act of 1976. 

A cover letter should be included with all submissions con¬ 
taining the following information: 

■ Name of all authors 
1 Primary contact 

■ Full postal address 

■ Telephone number 

■ Email address (very important) 

■ Category (application paper, general paper, or 
demonstration) 

■ Anticipated AV needs (used only for planning purposes) 

Submissions should consist of a uuencoded, compressed tar 
file (compress or gzip), containing both the plain text and 
PostScript versions (filenames should be based on your last 
name, e.g. smith.txt and smith.ps). This should be mailed, 
along with the cover letter, to tcl96@sco.com. Receipt of sub¬ 
missions will be acknowledged by return email within one 
week. If an acknowledgement is not received, please contact 
the co-chairs listed below. 

Important Dates 

Deadlines for paper and demo submissions: March 5y 1996 
Notification of acceptance: April 16, 1996 
Camera-ready copy due: May 28, 1996 


Program Committee 

Co-chairs; 

Mark Diekhans, SCO 
markd@sco. com 

Mark Roseman, University of Calgary 
roseman @cpsc. ucalgary. ca 

Program Committee: 

Ben Bederson, University of New Mexico 

Wayne Christopher, ICEM CFD Engineering 

Joe Konstan, University of Minnesota 

Don Libes, NIST 

Michael McLennan, AT&T 

Larry Rowe, University of California Berkeley 

Brent Welch, Sun Microsystems Laboratories 

Will Wilbrink, Unisys Canada 

David Young, SCO 

More information on the workshop will be posted to 
comp.lang.tcL, comp.orgusenix, and placed on the World Wide 
Web at httpiUwww.usenix.orgzs it becomes available. 

Registration Materials 

Materials containing all details of the technical and tutorial 
programs, registration fees and forms, and hotel information 
will be available in April, 1996. If you wish to receive the reg¬ 
istration materials, please contact: 

USENIX Conference Office 

22672 Lambert Street, Suite 613 

Lake Forest CA 92630 

714.588.8649 

Fax: 714.588.9706 

Email: conference@usenix.org 

URL: http://www.usenix.org 



DECEMBER 1995 


;login : 59 



Focusing on Applications of Cryptography 


6th USENIX UNIX security symposium 



Announcement and Preliminary Call for Pap 

July 22-25, 1996 

Fairmont Hotel, San Jose, California 


ers 


Sponsored by the USENIX 
Association, the UNIX and 
Advanced Computing Systems 
Professional and Technical 
Association 

Co-sponsored by UniForum 

In cooperation with The Computer 
Emergency Response Team (CERT), 
and IFIP WG 11.4 

Important Dates 

Dates for Refereed paper submissions: 
Extended abstracts due: 

March 19, 1996 

Program Committee decisions made: 

April 15, 1996 

Camera-ready final papers due: 

June 10, 1996 

Registration Materials Available: 

End of April 1996 

Program Committee 

Program Chair; Greg Rose, Sterling 
Software 

Fred Avolio, Trusted Information 
Systems, Inc. 

Steve Bellovin, AT&T Bell Laboratories 
Brent Chapman, Great Circle Associates 
Diane Coe, The MITRE Corporation 
Ed DeHart, CERT 
Dan Geer, Open Market Inc. 

Peter Gutmann, University of Auckland 


Kent Landfield, Sterling Software 
Clifford Neuman, Information Sciences 

Institute 

Avi Rubin, Bellcore 

Eugene SpafFord, COAST Laboratory, 

Purdue University 
Ken van Wyk, Defense Information 

Systems Agency 

Karen Worstell, The Boeing Company 
Readers; Matt Bishop, U.C. DavE, 

Phil Karn, Qualcomm 

Overview 

The goal of this symposium is to bring 
together security and cryptography practi¬ 
tioners, researchers, system administra¬ 
tors, systems programmers, and others 
with an interest in applying cryptography, 
network and computer security, and espe¬ 
cially the area where these overlap. The 
focus on applications of cryptography is 
intended to attract papers in the fields 
of electronic commerce and information 
processing, as well as security. Please note 
that papers about new cryptographic 
algorithms are not solicited; however 
new applications are. 

This will be a four day, single track 
symposium with tutorials, refereed and 
technical presentations, and panel discus¬ 
sions. Tutorials will take place the first two 
days followed by two days of technical 
sessions. 


Tutorials 

July 22-23 

Tutorials for both technical staff and 
managers will provide immediately 
useful, practical information on topics 
such as local and network security precau¬ 
tions, what cryptography can and cannot 
do, security mechanisms and policies, fire¬ 
walls and monitoring systems. 

Technical Sessions 

July 24-25 

In addition to the keynote presentation, 
the technical program includes refereed 
papers and invited talks. There may be 
panel sessions. There will be Birds-of-a- 
Feather sessions and Works-in-Progress 
Reports on two evenings. You are invited 
to make suggestions to the program com¬ 
mittee via email to security@usenix.org. 

Papers that have been formally reviewed 
and accepted will be presented during the 
symposium and published in the sympo¬ 
sium proceedings. Proceedings of the sym¬ 
posium will be published by USENIX and 
will be provided free to technical session 
attendees; additional copies will be avail¬ 
able for purchase from USENIX. 


USENIX", the Advanced Computing Systems Professional and Technical Association. 


10/19/95 



Symposium Topics 

Presentations are being solicited in areas 
including but not limited to: 

Anonymous transactions 
Applications of cryptographic techniques 

Attacks against secure networks/ 
machines 

Cryptanalysis and codebreaking as 
attacks 

Cryptographic tools 
Electronic commerce security 
Firewalls and firewall toolkits 
Legislative and legal issues 
Case studies 

Computer misuse and anomaly detection 

File and File system security 

Network security 

Security and system management 

Security in heterogeneous environments 

Security incident investigation and 
response 

Security tools 

User/system authentication 
Penetration testing 
Malicious code analysis 

Note that this symposium is not about 
new codes or ciphers, or cryptanalysis for 
its own sake. 

How to Submit 
a Refereed Paper 

Submissions must be received by March 
19, 1996. Authors are encouraged to 
submit an extended abstract which dis¬ 
cusses key ideas and demonstrates the 
structure of the finished paper. Extended 
abstracts should be 3-5 pages long (about 
1500-2500 words), not counting refer¬ 
ences and figures. The body of the 
extended abstract should be in complete 
paragraphs. The object of an extended 
abstract is to convince the reviewers that a 
good paper and presentation will result. 
Full papers can be submitted if they are 
complete in advance of the date. Full 
papers should be 8 to 15 typeset pages. 

Authors will be notified of acceptance 
on April 15, 1996. 


All submissions will be judged on origi¬ 
nality, relevance, and correctness. Each 
accepted submission will be assigned a 
member of the program committee to act 
as its shepherd through the preparation of 
the final paper. The assigned member will 
act as a conduit for feedback from the 
committee to the authors. Camera-ready 
final papers are due June 10, 1996. 

Please accompany each submission by 
a cover letter stating the paper title and 
authors along with the name of the 
person who will act as the contact to the 
program committee. Please include a 
surface mail address, daytime and evening 
phone number, and, if available, an email 
address and fax number for the contact 
person. 

If you would like to receive detailed 
guidelines for submission and examples of 
extended abstracts, you may send email to: 

S€Curityauthors@nsenix. org 

or telephone the USENIX Association 
office at 510.528.8649. 

The UNIX Security Symposium, like 
most conferences and journals, requires 
that papers not be submitted simulta¬ 
neously to another conference or publica¬ 
tion and that submitted papers not be 
previously or subsequently published 
elsewhere. Papers accompanied by “non¬ 
disclosure agreement” forms are not 
acceptable and will be returned to the 
author(s) unread. All submissions are held 
in the highest confidentiality prior to pub¬ 
lication in the Proceedings, both as a 
matter of policy and in accord with the 
U.S. Copyright Act of 1976. 

Where to Submit 

Please send one copy of an extended 
abstract or a full paper to the program 
committee via each of two, for reliability, 
of the following methods. All submissions 
will be acknowledged. 

■ Preferred Method email 

(Postscript or ASCII) to: 

securitypapers@usenix. org 


m Alternate Method postal delivery to: 

Security Symposium 
USENIX 

2560 Ninth St., Suite 215 
Berkeley CA 94710 
U.S.A. 

Phone: 510.528.8649 
p Fax: 510.548.5738 

Registration Materials 

Materials containing all details of the 
technical and tutorial programs, registra¬ 
tion fees and forms, and hotel information 
will be available at the end of April 1996. 
If you wish to receive the registration 
materials, please contact USENIX at: 

USENIX Conference Office 

22672 Lambert Street, Suite 613 

Lake Forest, CA USA 92630 

714.588.8649 

Fax: 714,588.9706 

email: conference@menix.org 

Information can also be found under 
the USENIX Association Web page, 

URL: http:llwww.usenix.org 



DECEMBER 1995 


;login : 61 



2nd USENIX Symposium on 


October 29-November 1, 1996 
Seattle, Washington, USA 


operating systems design and implementation (OSDI '96) 




Pre-Announcement and Call for Papers 


Sponsored by the USENIX Association 
Co-sponsored by ACM SIGOPS and IEEE TCOS 

After a successful first OSDI symposium, the next OSDI 
will continue to focus on practical issues related to modern 
operating systems. OSDI brings together professionals from 
academic and industrial backgrounds, and has become the 
perfect forum for issues concerning the design and imple¬ 
mentation of operating systems for modern computing plat¬ 
forms such as workstations, parallel architectures, mobile 
computers, and high speed networks. 

The OSDI symposium emphasizes both innovative 
research and quantified experience in operating systems. We 
seek papers describing original work concerning the design, 
implementation, and use of modern operating systems. 
Besides mature work, we encourage submissions describing 
exceptionally promising, well-grounded speculative work, 
or enlightening negative results. Topics of interest include, 
but are not limited to: 

OS structure and organization 
OS kernel internals, servers and applications 
Distributed and mobile computing 
Multiprocessor and parallel systems 
Communications 

Storage Management and I/O systems 
Security in distributed systems 
Scalability and availability 
Heterogeneous systems 
Performance and optimizations 
Language support for OS 
OS interaction with HW architecture 
OS support for embedded systems 


OS support for real time and multimedia 
Interaction of OS and applications 

Program Committee 

Karin Petersen, Xerox PARC (co-chair) 

Willy Zwaenepoel, Rice University (co-chair) 

Peter Chen, University of Michigan 

Richard Draves, Microsoft Research 

Carla Ellis, Duke University 

Ed Pel ten, Princeton University 

Jim Gray, Microsoft Bay Area Laboratory 

Kevin Jeffay, University of North Carolina 

David Johnson, Carnegie Mellon University 

JayLepreau, University of Utah 

Jeff Mogul, DECWRL 

Marc Shapiro, INRIA 

John Wilkes, Hewlett-Packard Labs 

John Zahorjan, University of Washington 

Important Dates 

Full papers due: May 7, 1996 
Notification to authors: July 30, 1996 
Revised papers due for shepherding: August 19, 1996 
Camera-ready full papers due: September 16, 1996 

Submission Process 

Authors are required to submit full papers by May 7, 1996. 
Submitted papers should be no longer than 14 pages, spaced 
no closer than standard 10 point font on 12 point baseline, 
single- or double-column format. Longer submissions will 
be discarded without review. Very similar papers must not 


USENIX ^ the Advanced Computing Systems Professional and Technical Association. 




ANNOUNCEMENTS & CALLS 


OSDI cfp -2 

have been published or submitted for publication else¬ 
where. All submissions will be held in the highest confiden¬ 
tiality prior to publication. Papers accompanied by so-called 
‘non-disclosure agreement” forms are not acceptable and 
will be returned unread. 

The papers will be judged on significance, originality, 
clarity, relevance, and correctness. The committee will favor 
papers with reproducible results, especially those supplying 
detailed data and explanations, or offering to make data sets 
or source code available. 

Accepted papers will be shepherded through an editorial 
review process by a member of the program committee. 

Authors of accepted papers will be expected to provide 
an HTML page containing the abstract and links to 
their paper, slides, and software, if available. This will be 
collected after the event for inclusion in an electronic 
version of the symposium (for an example, see 
http'JIwuru). cs. Utah, edu!^ l€pr€aulosdi94/). 

Where to submit 

Submission of all papers must be made in both paper and 
electronic form. Fifteen (15) paper copies (double sided if 
possible) of the paper must be sent to: 

Willy Zwaenepoel 

Department of Computer Science, 

Rice University 

6100 S. Main St. 

Houston, TX 77005, USA 

and one electronic copy in Postscript (not ASCII) must be 
submitted by electronic mail to: osdi~papers@cs.rice.edu 

For administrative reasons (not blind reviewing), every 
submission (in both its paper and electronic form) should 
include one additional page containing: (i) paper title and 
authors, indicating any who are full time students, and (ii) 
for the author who will act as the contact to the program 
committee, his or her name, paper mail address, daytime 
and evening phone numbers, email address and fax number, 
if available. The cover sheet mailed with the electronic 
paper submission should be in ASCII to facilitate accurate 
on-line bookkeeping, and should be included in the same 
electronic mail message as the PostScript file containing the 
paper. 

All submissions will be acknowledged by May 21, 1996. 

If your submission is not acknowledged by this date, please 
contact the program chairs promptly at osdi@cs.rice.edu. 


Symposium Overview 

The symposium will consist of one day of tutorials, followed 
by 2.5 days of single-track technical sessions with presenta¬ 
tions of the refereed papers, and a half day workshop on a 
topic yet to be determined. One of the technical sessions 
will be dedicated to work-in-progress presentations and will 
be described in later announcements. The refereed papers 
will be published in the Proceedings, provided free to tech¬ 
nical session attendees and available for purchase from 
USENIX. The Proceedings may also be distributed to ACM 
SIGOPS members. Papers of particular merit will be 
selected to receive an award and will be published in the 
lEEETCOS Bulletin. 

Registration Materials 

Materials containing all details of the technical and tutorial 
programs, registration fees and forms, and hotel information 
will be mailed in August 1996. If you wish to receive the 
registration materials, please contact: 

USENIX Conference Office 
22672 Lambert St,, Suite 613 
Lake Forest, CA USA 92630 
Phone: 714 588 8649 
Fax: 714 588 9706 
Email: conference@usenix.org 
WWW URL: http:lliuww.usenix.org. 




DECEMBER 1995 ;lOgin : 63 









10th systems administration conference (LISA '96) 


Announcement and Call for Participation 



September 30-October 4, 1996 
Chicago Marriott, Chicago, Illinois 


Co-sponsored by 
USENIX, the Advanced Computing 
Systems Professional and Technical 
Association; and SAGE, the System 
Administrators Guild 

Important Dates 

Refereed paper submissions: 

Extended abstracts due: May 7, 1996 
Notification to authors by: 

June 11 1996 

Final papers due: August 15> 1996 
Registration materials available: 

July 1996 

Overview 

LISA, the USENIX Systems Administra¬ 
tion Conference, is the leading confer¬ 
ence for and by system administrators. 
LISA originally stood for ‘‘Large Installa¬ 
tion Systems Administration” when a large 
installation meant over 100 users, 100 sys¬ 
tems, or a gigabyte of disk storage. Today, 
the LISA conference offers the most com¬ 
prehensive program for system administra¬ 
tors from sites of all sizes and at all levels 
of experience. 

LISA ‘96 will mark the tenth anniver¬ 
sary of the LISA conference. While there 
will be events at the conference to mark 
this occasion, the focus will continue to be 
bringing system administrators the latest 
tools, techniques, and information needed 


to keep apace with the rapid technology 
advancements, changes in public and legal 
policy, and changes in the ways that their 
employers do business. 

Tutorial Program 

Monday and Tuesday, September 30— 
October 1, 1996 

The conference will offer up to 20 tutor¬ 
ials on two days. Tutorials are offered on 
all levels of system administration from 
novice to senior system administrator. 

To provide the best possible tutorial 
offerings, USENIX continually solicits 
proposals for new tutorials. If you are 
interested in presenting a tutorial at this or 
other USENIX conferences, please contact 
the tutorial coordinator: 

Daniel V. Klein 
412.421.0285 
Fax: 412.421.2332 
Email: dvk@usenix.org 

Technical Sessions 

Wednesday through Friday, 

October 2—4, 1996 

The three days of technical sessions 
consist of two parallel tracks. The first 
track is dedicated to presentations of 
refereed technical papers. The second 
track is intended to accommodate invited 
talks, panels and Works-in-Progress 
(WIP) sessions. 


Conference Topics 

Papers addressing the following topics are 
particularly timely; papers addressing 
other technical areas of general interest 
are equally welcome. 

■ Innovative system administration tools 
and techniques 

■ Integrating new networking 
technologies 

■ Problem tracking 

■ Remote site administration 

■ Experiences supporting large sites 
(>1000 users or machines) 

■ Experiences supporting nomadic and 
wireless computing 

■ Integration of heterogeneous 
platforms—multiple UNIX platforms, 
PC/Mac integration, interfacing with 
Legacy systems 

m Integration of emerging technologies 
to system administration 

■ Support stratgies in use at your site 

■ Distributed system administration 
B Proactive problem management 

■ OS/Platform migration strategies 

B Performance analysis and monitoring 
B Data management 
B Security 
B Ethics 

B Asset management 

■ Training the user 

s Incorporating commercial system 
administration technology for your site 



USENIX", the Advanced Computing Systems Professional and Technical Association. 





Refereed Paper Submissions 

An extended abstract is required for the 
paper selection process. Full papers are not 
acceptable at this stage; if you send a full 
paper, you must also include an extended 
abstract. “Extended” means 2-5 pages. 

Include references to establish that you 
are familiar with related work, and, where 
possible, provide detailed performance 
data to establish that you have a working 
implementation or measurement tool. 

Submissions will be judged on the 
quality of the written submission, and 
whether or not the work advances the state 
of the art of system administration. For 
more detailed author instructions and a 
sample extended abstract, send email to 
lisa 1 Oauthor@usenix.org OT call USENIX 
at 510.528.8649. 

Note that LISA, like most conferences 
and journals, requires that papers not be 
submitted simultaneously to more than 
one conference or publication and that 
submitted papers not be previously or 
subsequently published elsewhere. Papers 
accompanied by “non-disclosure agree¬ 
ment” forms are not acceptable and will 
be returned unread. All submissions are 
held in the highest confidence prior to 
publication in the conference proceed¬ 
ings, both as a matter of policy and as pro¬ 
tected by the U.S. Copyright Act of 1976. 

Authors of an accepted paper must pro¬ 
vide a final paper for publication in the 
conference proceedings. At least one author 
of each accepted paper presents the paper 
at the conference. Final papers are limited 
to 20 pages, including diagrams, figures 
and appendixes, and must be in troff, 
ASCII, or LaTeX format. We will supply 
you with instructions. Papers should 
include a brief description of the site, 
where appropriate. 

Conference proceedings, containing all 
refereed papers and materials from the 
invited talks, will be distributed to attend¬ 
ees and will also be available from the 
USENIX following the conference. 


Where to Send Submissions 

Please submit extended abstracts for the 
refereed paper track by two of the follow¬ 
ing methods: 

Email to: lisalOpapers@usenix.org 
Fax to: 510.548.5738 

Mail to: 

LISA 10 Conference 
USENIX Association 
2560 Ninth Street, Suite 215, 

Berkeley, CA USA 94710 

To discuss potential submissions, and for 
inquiries regarding the content of the con¬ 
ference program, contact the program co¬ 
chairs at lisa!Ochair@usenix.org OT at: 

Helen E. Harrison 
SAS Institute Inc. 

SAS Campus Drive 
Cary, NC 27513 
919.677.8000 x6981 
Fax: 919.677.4444 
Email: helen@usenix.org 

Amy K. Kreiling 
Campus Box #3175 
Department of Computer Science 
University of North Carolina 
Chapel Hill, NC 27599 
919.962.1843 
Fax: 919.962.1799 
Email: amy@usenix.org 

Invited Talk Track 

If you have a topic of general interest to 
system administrators, but that is not 
suited for a traditional technical paper 
submission, please submit a proposal for a 
second track presentation to the invited 
talk (IT) coordinators at itlisa@usenix.org. 

Program Committee 

Program Co-chair; Helen E. Harrison, 
5^15 Institute Inc. 

Program Co-chair: Amy K. Kreiling, 
University of North Carolina 
Paul Evans, Synopsys, Inc. 

David L. Kensiski, MCI 
Telecomm uni cations 
Bill LeFebvre, Argonne National Labs 


E. Scott Menter, Enterprise Systems 
Management 

Pat Parseghian, AT&T Bell Laboratories 
Pat Wilson, Dartmouth College 
Elizabeth Zwicky, Silicon Graphics, Inc. 

Vendor Displays 

Wednesday and Thursday, 

October 2—3, 1996 

LISA attendees have an enormous interest 
in industrial strength, state of the art solu¬ 
tions to system adminstration problems. 

If your company's products provide solu¬ 
tions, LISA will provide attendees with 
the technical expertise to understand and 
appreciate it. Please contact: 

Zanna Knight 
Tel: 510.528.8649 
Fax: 510.548.5738 
Email: dispUy@usenix.org 

Birds-Of-A-Feather Sessions 

Birds-of-a-Feather sessions (BoFs) are 
very informal gatherings of attendees 
interested in a particular topic. BoFs 
are held Tuesday, Wednesday, and Thurs¬ 
day evenings of the conference. BoFs 
may be scheduled in advance by tele¬ 
phoning the USENIX Conference Office 
at 714.588.8649 or via email to 
conference@usenix.org. They may also be 
scheduled at the conference. 

For Registration Information 

The complete program and registration 
information will be available in July 
1996. If you would like to receive registra¬ 
tion materials, please contact: 

USENIX Conference Office 
22672 Lambert Street, Suite 613 
Lake Forest, CA 92630 
Phone: 714.588.8649 
Fax: 714.588.9706. 

Email: conference@usenix.org. 

URL: http://www.usenix.org 

Or you can send email to our mailserver at 
info@usenix.org. Your message should 
contain the line: send catalog. A catalog 
will be returned to you. 


DECEMBER 1995 ;login \ 65 



How To Spot A System Administrator 
Who Hasn’t Read Our New Books 


Weeps uncontrollably when asked “Want to go to lunch?*’ 



Thinks aspirin is a food group. Speaks jibberish like “unix, 


shmunix.” 



Has a labrador retriever that goes by the 


name “Watchdog reset” 



and howls ie bark 


F eeling a little frenzied? Gee,there are only a 
zillion things on your plate at any given time. 
But take heart: Where there’s clear, hands-on 
information that helps solve your thorniest 
problems, there’s relief. That’s where our new 
system administration books come in. 

Check out the new, second edition of our classic 
Essential System Administration, updated to include 
all the latest versions of major UNIX platforms. 
Networking Personal Computers with TCP/IP gives you 
information to tackle this sometimes daunting task. 


And Us/ng and /Managing UUCP describes, in one 
volume, this popular communications and file 
transfer program. When it comes to security, weVe 
publishing two books that will be essential: Building 
Internet Firewalls and Computer Crime. Both books 
are hands-on, current, and practical. 

So, remember to take deep breathes and read the 
latest books from O’Reilly. To learn more about 
any of the books you see here, browse our online 
catalog at http://www.ora-com/ And take a little 
time off when you can. 



I03A 


REILLY & ASSOCIATES 

Morris Street, Sebastopol, California 95472 • fax: 707-829-0104 • Credit card orden: 800-889-8969 Weekdays 6AM-5PM PST 

For inquiries: 800-998-9938, 707-829-0515 • To request a copy of our catalog: catalog@online.oira.com 

Please refer to code ALOG when ordering. 


66 ;login : voL. 20. no 6 











USENIX members receive 
a 1 discount 


The Internet Navigator, 2ed 
Paul Glister 

1-05260-4 $24.95 member price: $21.20 

# of copies: _ 

Advanced Topics in UNIX 
Ronald Leach 

1-03663-3 $24.95 member price: $21.20 

# of copies: _ 

Introduction to Client Server Systems 
Paul Renaud 

1-57774-X $34.95 member price: $29.70 

# of copies: - 

Portable UNIX 
Douglas Topham 

1-57926-2 $14.95 member price: $12.71 

# of copies: - 

UNIX, Self-Teaching Guide 
George Leach 

1-57924-6 $19.95 member price: $16.95 

# of copies: _ 

Object Oriented Programming with Turbo C++ 
Keith Weiskamp 

1-52466-2 $24.95 member price: $21.20 

# of copies: _ 

Obfuscated C and Other Mysteries 
Don Libes 

1-57805-3 $39.95 member price: $33.96 

# of copies: - 


' [!□ Payment enclosed, plus sales tax 

I—I VISA □ Mastercard 

I—I American Express 

Card No._ 

Name_ 

Firm _ 

Address_ 

City/State/Zip—------ 

Signature_ 

(order invalid unless signed 


Finding It On the Internet 
Paul Glister 

1-03857-1 $19.95 member price $16.95 

# of copies: _ 

Internationalization: Developing Software for 
Global Markets 1-07661-9 (pub. date: 1/95) 
Tuoc Luong $29.95 member price: $25.45 

# of copies: - 

Adventures in UNIX Network Applications 

Programming 

Bill Rleken 

1-52858-7 $39.95 member price: $33.96 

# of copies: _ 

UNIX Shell Programming, 3e 
Lowell Jay Arthur 

1-59941-7 $29.95 member price: $25.45 

# of copies: _ 

The UNIX Command Reference Guide 
Kaare Christian 

1-85580-4 $32.95 member price: $28.01 

# of copies: _ 

Berkeley UNIX: A Simple & Comprehensive 
Guide 

James Wilson 

1-61582-X $40.95 member price: $34.80 

# of copies: _ 




f mm 




:.ms. ews®*** 


DECEMBER 1995 ;login: 67 















































USENIX members receive a 15% discount 
on the following MIT Press publications: 


GLOBAL NETWORKS 

Computers and International 
Communication 

edited by Linda A4. Harasim 
Global Networks takes up the host of issues raised 
by ihe new networking fechnology that now links 
individuals, groups, and organizations- in different 
countries and on different continents. The- twenty- 
one contributions focus on the implementation, 
applicotion, ond impact of computer-mediated 
communication in o global context. 

340 pp. $29 95 hardcover HARNH 

THE NETWORK NATI9N 

Human Communication via Computer 
Revised Edition 

Starr Roxanne Hiltz and Murray Turoff 
“The Network Nation... contained a fascinating 
vision. ...It is □ place where thoughts are 
exchanged easily and democratically and intellect 
offords one mofe personal power than a pleasing 
appearance does. Minorities and women 
compete on equal terms with white males, ond the 
elderly and handicapped are released from the 
confines of their infirmities to skim the electronic 
terrain as swiftly as anyone else," — Teresa 
Carpenter, Village Voice 
580 pp. $24 95 paperback HILWP 

THE EVOLUTION OF C++ 

Language Design in the Marketplace of 
Ideas 

edited by Jim Waldo 
This collection of articles traces the history of C+-b, 
from its infancy in the Santo Fe workshop, to its 
proliferation today as the most popular object- 
oriented language for microcomputers. Waldo 
notes, in his postscript that in the process of 
evolving, the language has lost □ dearly articu* 
loted, generally accepted design center, with no 
common agreement about what it should or should 
not do in the future. 

279 pp. $24 95 paperback WALEP 


Multimedia, Hypermedia, and the Social 
Construction or Knowledge 

edited by Edward Barrett 

Sociomedia continues the assessment of hypcrrfexl and- hy penned id 
wsterns begun in Texf, ConText, and HyperText and The Society of 
Text. ]| exomines the use .of Integroled multi medio to-support soetel or 
colloborotrve reseorch^ fecrning, and Instruction in lh& university, one of 
the best environments for developing and gnolyzing the effe.cis of 
computing technologies on oiir undefstoi'iding of complex sers of 
informotion. 

Technical Communications and Informalion Series 360 pp. $50 00 hardcover 
BARRH 


CONNECTIONS 

New Ways of Working in the Networked 
Organization 

Lee Sproull and Sara Kiesler 

Spfoull and Kiesler raise cruc.fol questions about our technical and 
particularly .our humort strategies as o producing society." 

— Howard Webber, Sloon Management 

228 pp $21 95 paperback SPRCP 

TECHNOBABBLE 

John A Barry 

"A serious study of the bnguage of the new technocracy " 

— William Satire, The New York Times MagoHne 
288 pp $ 12 50 paperback BARCP 


I Payment enclosed Purchase Order Attached 


Master 


Signature 


Total for book(s) 

Postage For North American addresses 
Canadian customers add 7% GST 
Total for book(s) & postage 


Make checks payable 
and send order to: 

THE MIT PRESS 

55 Hayward Street, Cambridge, AAA 
02142-1399 USA 

To order by phone, call 
(617| 625-8569 
or (6i001 356-0343. £-moit order 
# mitpre5s-orders@mit.edu. The 
operotor Writ need this code. UNIX!. 


Name 

Address 


68 ;login : vol. 20 • no. 6 




Prentice Hall PTR is pleased to recommend 
the following titles to USENIX members... 



UNIX System Administration Handbook, Second Edition, 
Evi Nemeth/Garth Snyder, 0-13-151051-7 
(15105-0) List: $48.00 Members: $40.80 


.Object-Oriented Modeling and Design, 

James Rumbaugh, 0-13-629841-9 

(62984-0) List: $54.00 Members: $45.90 

_Zen and the Art of the Internet, Third Edition, 
Brendan Kehoe, 0-13-121492-6 
(12149-1) Lis^; $23.95 Members: $20.36 

.The Magic Garden Explained, Bernard Goodheart/ 
James Cox, 0-13-098138-9 
(09813-7) List: $38.00 Members: $32.30 

Internetworking with TCP/IP, Vol. II Design, 
Implementation, and Internals, Douglas E. Comer/ 
David L. Stevens, 0-13-472242-6 
(47224-1) List: $61.33 Members: $52.13 

SCO Performance Tuning Handbook, Gina 
Miscovich/David Simons, 0-13-102690-9 
(10269-9) List: $42.00 Members: $35.70 

.Object-Oriented Programming, Peter Coad/ 

Jill Nicola, 0-13-032616-X 

(03261-5) List: $48.00 Members: $40.80 

Internetworking with TCP/IP, Vol. Ill Client Server 
Programming and Applications for the BSD Socket 
Version, Douglas E. Comer and David L. Stevens, 
0-13-474222-2 

(47422-1) List: $53.00 Members: $45.05 


Internetworking with TCP/IP, VoL III Client Server 
Programming and Applications for the AT&T TLI 
Version, Douglas E. Comer and David L. Stever\s, 
0-13-474230-3 

(47423-9) List: $53.00 Members: $45.05 

The Internet Message: Closing the Book with Electronic 

Mail, Marshall T. Rose, 0-13-092941-7 

(09294-0) List: $50.00 Members: $42.50 

The Standard C Library, PJ Plauger, 0-13-131509-9 
(13150-8) List: $37.80 Members: $32.13 

All About Administering the NIS+, Second Edition 

Rick Ramsey, 0-13-309576-2 

(30957-5) List: $42.00 Members: $35.70 

The Simple Book: An Introduction to Internet Management 

Marshall T. Rose, 0-13-177254-6 

(17725-3) List: $55.00 Members: $46.75 

Networking Operations on UNIX SVR4, 

Mike Padavano, 0-13-613555-2 

(61355-4) List: $50.00 Members: $42.50 

.Solaris Porting Guide, SunSoft ISV Engineering 
0-13-030396-8 

(03039-5) List: $52.00 Members: $44.20 

.Multiprocessor System Architectures, Ben Catanzaro 
0-13-089137-1 

(08913-6) List: $44.00 Members: $37.40 

The HP-UX System Administrator's "How To" Book 

Marty Poniatowski, 0-13-099821-4 

(09982-0) List: $32.00 Members: $27.20 

.UNIX System V Performance Management, Edited by 
Phyllis Eve Bregman and Sally A. Browning 
0-13-016429-1 

(01642-8) List: $29.95 Members: $25.45 

SCO® UNIX® Operating System System Administrator's 
Guide, Santa Cruz Operation, 0-13-012568-7 
(01256-7) List: $39.00 Members: $33.15 


HERE'S HOW TO ORDER; 


CALL 

800 - 880-6818 


OR WRITE: 

CompuBooks 
Route 1, Box 271-D, 
Cedar Creek, TX 78612 


WE SHIP ANYWHERE! 


OR INTERNET: 

70007.1333@CompuServe.com 
(GO CBK on CompuServe) 


FOR MORE INFORMATION, OR QUANTITY ORDERS, PLEASE CALL 201-592-2657 















A UNIQUE OFFER 
ON THE BEST IN UNIX 
FOR USENIX MEMBERS 


□ THE INTERXET 
GUIDE FOR NEW 
USERS 

D. Dern 

hardcover, 016510-6, $40.00, 
MEMBER PRICE $32.00 
paperback, 016511-4, $27.95, 
MEMBER PRICE $22.36 

□ INTERNET FOR 
EVERYONE 

R. Wiggins 

hardcover, 067018-8, $29.95, 
MEMBER PRICE $23.96 
paperback, 067019-6, $45.00, 
MEMBER PRICE $36.00 

□ THE ESSENTIAL 
INTERNET 

INFORMATION GUIDE 
J. Manger 

707905-1, paperback, $27.95, 
MEMBER PRICE $22.36 



' 20 ’% 

DISCOUNT FROH l 
CGRAW- 


□ THE INFORMATION 
BROKERS 
HANDBOOK, 

Second Edilion 

S. Rugge 

911878-x, paperback, $34.95, 
MEMBER PRICE $27.96 
Available December 1994 

□ SAA AND UNIX: IBM’s 
Open System Strategy 
M. Killen 

034607-0, $40.00, 

MEMBER PRICE $32.00 

□ A STUDENT’S GUIDE 
TO UNIX 

H. Hahn 

025511-3, paperback, $28.00, 
MEMBER PRICE $22.40 


□ UNIX DEVELOPER’S 
TOOL KIT 

K. Leininger 

911836-4, $65.00, 

MEMBER PRICE $52.00 

□ UNIX SECURITY: 

A Practical Tutorial 

N. Arnold 

002560-6, $24.95, 

MEMBER PRICE $19.96 

□ THE UNIX AUDIT: 
Using UNIX to Audit 
UNIX 

M. Grottola 

025127-4, $32.95, 

MEMBER PRICE $26.36 

□ UNIX: A Database 
Approach 

8. Das 

015745-6, $29.95, 

MEMBER PRICE $23.96 

Available November 1994 


I am a member of USENIX Association. Please 
send me the books I have indicated at the 
member special rate. I have added $3.00 postage 
and handling for the first book ordered, $ 1.00 
for each additional book, plus my local sales tax. 

Check or money order is enclosed— 
payable to McGraw-Hill, Inc. 

Charge my □ Visa □ Mastercard 
□ Discover □ Amex 

Account #_ 


Expiration Date_ 
Signature,_ 


Bill Sc Ship To: 


NHtUC. 


Strcei 


City, State, 


Daytime Phone #_ 


03US002 


USENIX Membership # 


Send or Fax Orders to: 

McGraw-Hill, Inc. 

Attn: Rosa Perez 
11 West 19th Street^^th Floor 
New York, New York 10011 
Fax: 212-337-4092 


^8 


If I am not completely satisfied, I will return the book(s) within 15 days for a full refund or credit. Satisfaction unconditionally 
guaranteed. Prices subject to change without notics. We can only accept orders within the continental USA, 


70 ;login : vol 20. no, 6 






Next Stop... 
San Francisco! 


/ ! i 


/fll f V/' 




^iif IP 


A 




Plan now to be in Son Francisco for UniForum '96 — 
o premier enterprise computing event showcasing 
Business Solutions across heterogeneous platforms 
to meet today's real world computing requirements. 


UniForum ’96 

The Official Conference and Exposition for Open Computing Solutions. 

Conference: February 12-16,1996 • Exposition: February 14-16, 1996 
Moscone Center • San Francisco, California 

Sponsored by UniForum, The InternoHonal Association of Open Systems Professionals. 

Managed by The Interface Group, producer of COMDEX. 


©1995 The Interface Group • 300 First Avenue, Needham, MA 02194-2722 USA • (617) 449-6600 


UN7219 2/95 


DECEMBER 1995 ;login: 71 










Establishing a 
World-Wide Web Server 

A Syslems Admlnlstralors Guide 


iSUniFomm 


About the Author; 

Michael Harrington is the 
systerris administrator of the 
orthopaedic Biomechanics 
Laboratory at Beth Israel Hospital 
in Boston, Massachusetts. He is 
also a member of the UniForum 
Technical Steering Committee. 

He has more than eight years 
experience managing UNIX, 
Macintosh and PC networks. 

He has managed his own WWW 
server since 1993. 


A Brand New Guide from UniForum 


Establishing a 
World-Wide Web Server 

A Systems Administrator’s Guide 

As Web sites proliferate throughout the world, and as users are demanding more 
functionality, the need for systems administrators to understand and manage World-Wide 
Web servers has never been greater. 

Establishing a World-Wide Web Server is a book that comes along at just the right 
time. There is no hotter application on the Internet than the World-Wide Web (WWW), 
and as it continues its explosive growth, it is up to systems administrators to understand 
and manage the demands of users. This Guide helps the administrator set up and 
administer a WWW server properly. The Guide is directed toward the novice system 
administrator and to those who take on the sys admin role in the course of their regular 
jobs. 

Establishing a World-Wide Web Server is written in a logical sequence that first 
introduces the reader to the place the WWW has in the world of the Internet. It then 
covers the technical issues including a clear description of HyperText Transfer Protocol 
(HTTP), with sections on several different HTTP servers. Subsequent chapters cover 
Uniform Resource Locators (URL), HyperText Mark-up Language (HTML) and a series 
of chapters on building and maintaining a WWW server. 

Establishing a World-Wide Web Server is thorough, easy-to-read, and completely 
up-to-date. 

All General Members of UniForum will receive a copy of 
Establishing a World-Wide Web Server as part of their 
membership benefits. 

Copies are available to all UniForum General and Drial Members 
at substantial discounts: 


Establishing a World-Wide Web Server 

Table of Contents: 

■ Introduction: The WWW and the Internet 

■ Technical Issues of the WWW 

■ URL 

■ HTML 

■ Forms 

■ Imagemaps 

■ Converters/Editors 

■ HTML-h 

■ Security Issues 

■ Maintaining a WWW Server 

■ Defining the Team Needed to Support the WWW 
Server 

■ Let’s Build a WWW Server 

■ The Future 

■ Glossary and Appendices 


QUANTITY 


MEMBER PRICE TRIAL MEMBER PRICE 


I- 10 copies $10.00 $25.00 

II- 49 copies $ 8.00 $20.00 

50 copies or more $ 7.00 $17.00 

Plus shipping and handling 


Shipping & Handling Charges 

US/Canada/Mexico 

International 

If your mechandise total is... 

Add... 

Add... 

UP to $25.00 

$5.00 

$7.50 

$25.01 to 50.00 

7.00 

9.50 

$50.01 to 75.00 

9.00 

11.50 

$75.01 or more 

11.00 

13.50 


To order, please call UniForum today at 1-800-255-5620, or (408) 986- 
8840. Have your Visa, MasterCard, Discover or American Express Card 
ready for fastest order processing. Orders may be sent to UniForum. 
Please send checks or money orders (US dollars only; California 
residents please add applicable sales tax), to: 

UniForum 
WWW Server 

2WI1 Tasman Drive, Suite 205 
Santa Ciara, CA 95054-1100 


©UniForum. 

The International Association of Open Systems Professionals 
UniForum i.s a registered trademark of The UniForum Association 


9506201 








UniForum 


OPEN SYSTEMS 


Find out by joining UniForum: 

The Internationai Association of Open Systems Professionals. 


The Advantages of Membership: 

Your annual membership is a resource treasure chest. Among the many valuable 
benefits you’ll receive are: 

■ UniForum Monthly: The Magazine for Open Systems Professionals 

■ UniNews - the authoritative voice of UniForum - now on-line 

■ The Open Systems Products Directory - comprehensive, accurate, indispensable 

■ Reduced fees at all UniForum conferences and seminars 

■ Technical and Standards publications: timely, reliable and useful 

■ Discounts on many outstanding industry publications 

■ Discounts on leading commercial hardware and software products 

■ Discounts on courses offered by leading training organizations 

■ Discounts on exclusive new shareware selections 

■ Services such as discounts on car rentals, travel and mail list rentals 

■ Eligibility to serve on UniForum committees and the Board of Directors 


what is Open Systems and where can you find 
the information you need to keep up in today’s 
competitive open systems environment? 


UNIFORUM MEMBERSHIP APPLICATION FORM (please print) 

Name 
Title 

Company 
Address 
Mail Stop 
City 
Country 

E-mail (where we will send UniNews) Fax (. 


State 

Telephone (. 


MFUMS 


Zip 

J_ 

.) 


General Membership** $125 

Includes UniForum Monthly magazine, UniNews electronic newsletter, Open Systems Products Directory, 
technical publications, recruitment advertising service, and discounts on: UniForum conference registration 
and shareware CD-ROMs, purchases of software and hardware, educational seminars and special classes, 
additional UniForum publications and other industry publications, computer books, CD-ROMs and training 
services. 

** Overseas postage: 

air $100 or surface $60 (no additional postage necessary for Canada, Mexico or Puerto Rico) $_ 

TOTAL AMOUNT ENCLOSED $_ 


Method of Payment: 

Select one: □ Check payable to UniForum * □ Money Order In US Dollars 

□ MasterCard □ Visa □ American Express 


Credit card number Expiration date 

Signature 


^Payments must be included in U.S. dollars All checks must be drawn on a U.S. bank. Credit card orders can be accepted by telephone. 

^♦Overseas surface delivery takes up to six weeks. 

Send application and payment to: UniForum, 2901 Tasman Drive, Suite 205, Santa Clara, CA 95054-1100 
Tel: (408) 986-8840 (800) 255-5620 Fax: (408) 986-1645 

Prices subject lo change without notice. Contact UniForum for discounts and shipping and handling charges on bulk orders- 
UniForum is a registered trademark of UniForum. UNIX is a registered trademark in the United States and other counUies, 
licensed exclusively through X/Open Company Limited. The International Association ol Open Systems Prolessionals 



There’s Never 
Been a Better 
Time for an 
Outstanding 
Value 

As the unstoppable 
move to open systems 
gathers even more 
momentum you need a 
strong and 
independent 
association that can 
help you achieve your 
professional goals. 

An association that can 
magnify your voice, 
which can educate, 
inform and inspire. 

You need and deserve 
an association that 
provides value for your 
money. In short you 
need UniForum. 

With a value this good, 
the real question might 
be, “Can you afford to 
be without it?” 

Join today! 









ANNOUNCEMENTS & CALLS 


I on M 


CONFERENCE & WORKSHOP PROCEEDINGS 



Otu Proceedings 

Member^^ 

Price 

^on-Member* 

Price 

Subtotal 

Overseas 

Postage 

Total 

WINTER/SUMMER CONFERENCES 







New Orleans 

Winter '95 

30 

39 

$ 

20 

3 : 

Boston 

Summer '94 

25 

33 

$ 

18 

$ 

San Francisco 

Winter '94 

30 

39 

$ 

20 

$ 

Cincinnati 

Summer '93 

25 

33 

$ 

18 

$ 

_San Diego 

Winter '93 

33 

40 

$ 

25 

$ 

San Antonio 

Summer '92 

23 

30 

$ 

14 

$ 

San Francisco 

Winter '92 

30 

39 

$ 

22 

$ 

Nashville 

Summer '91 

32 

38 

$ 

22 

$ 

Dallas 

Winter '91 

28 

34 

$ 

18 

$ 

Anaheim 

Summer '90 

22 

22 

$ 

15 

$ 

Washington, DC 

Winter '90 

25 

25 

$ 

15 

$ 

Baltimore 

-Summer '89 

20 

20 

$ 

15 

$ 

_ San Diego 

Winter '89 

30 

30 

$ 

20 

$ 

San Francisco 

Summer '88 

29 

29 

$ 

20 

$ 

Dallas 

Winter '88 

26 

26 

$ 

15 

$ 

Phoenix 

Summer '87 

35 

35 

$ 

20 

$ 

Washington, DC 

Winter '87 

10 

10 

$ 

15 

$ 

Atlanta 

Summer '86 

37 

37 

$ 

20 

$ 

Denver 

Winter '86 

25 

25 

$ 

15 

$ 

Portland 

Summer '85 

45 

45 

$ 

25 

$ 

Dallas 

Winter '85 

15 

15 

$ 

10 

$ 

Salt Lake Citv 

Summer '84 

29 

29 

$ 

20 

$ 

Washington, DC 

Winter '84 

25 

25 

$ 

15 

$ 

Toronto 

Summer '83 

32 

32 

$ 

20 

$ 

San Diego 

Winter '83 

28 

28 

$ 

15 

$ 

LARGE INSTALLATION SYSTEMS ADMINISTRATION 






LISA IX 

Sept. '95 

30 

38 

S 

11 

£ 

LISA VIII 

Sept. '94 

22 

29 

$. _ 

10 

$ 

LISA VII 

Nov. '93 

25 

33 

$ 

12 

$ 

LISA VI 

Oct. '92 

23 

30 

$_. 

12 

$ 

LISAV 

Sept. '91 

20 

23 

$ 

11 

$ _. 

LISA IV 

Oct. '90 

15 

18 

$ 

8 

S 

LISA III 

Sept. '89 

13 

13 

$._ 

9 

$ 

LISA II 

Nov. '88 

8 

8 

$ 

5 

$,__ 

LISA I 

April '87 

4 

4 

$__ 

5 

$ 

C++ 







C++ Conference 

April '94 

24 

28 

$ 

^ 20 

$ 

C++ Conference 

Aug. '92 

30 

39 

% 

20 

$ 

C++ Conference 

April '91 

22 

26 

$ 

11 

£ 

C++ Conference 

April'90 

28 

28 

$ 

_ 18 

$.__ 

C++ Conference 

Oct. '88 

30 

30 

$ 

20 

$ 

C++ Workshop 

Nov. '87 

30 

30 

_. 

20 

$.__ 

SECURITY 







UNIX Security V 

June '95 

27 

35 

$ 

11 

$ 

UNIX Security IV 

Oct. '93 

15 

' 20 

$ 

9 

$ 

UNIX Securitv III 

Sept. '92 

30 

39 

$ 

11 

$ 

UNIX Security II 

Aug. '90 

13 

16 

$ 

8 

$ 

UNIX Security 

Aug. '88 

7 

7 

$ 

5 

$ 

MACH 







Mach Symposium III 

April '93 

30 

39 

$ 

18 

% 

Mach Symposium 

Nov. '91 

24 

28 

$ 

14 

$ 

Mach Workshop 

Oct. '90 

17 

' 20 

$ 

j 

9 

$ 


7A ;login : voL 20 . no 6 




Qty Proceedings 

Member 

Price 

Non-Member * 
Price 

Subtotal 

Overseas 

Postage 

Total 

DISTRIBUTED & MULTIPROCESSOR SYSTEMS (SEDMS) 






SEDMS IV 

Sept. '93 

24 

31 

$ 

. 14 

$ 

SEDMS III 

Mar. '92 

30 

36 

$ 

. 20 

S 

SEDMS II 

Mar, '91 

30 

36 

$ 

20 

$ 

SEDMS 

Oct. '89 

30. 

30 

$ 

20 


MICROKERNELS & OTHER KERNEL ARCH. 






Microkernels & Other Kernel... II 

Sept. '93 

15 

20 

$ 

9 

$ 

Microkernels & Other Kernel... I 

Apr. '92 

30 

39 

$ ___ 

20 

$ 

GRAPHICS 






Graphics Workshop V 

Nov. '89 

18 

18 

$ 

10 

s 

Graphics IV 

Oct. '87 

10 

10 

$ 

10 

$ 

Graphics III 

Nov. '86 

10 

10 

$ 

5 

$ 

OTHER WORKSHOPS/SYMPOSIA 







Electronic Commerce Workshop 

July '95 

20 

26 

$ 

11 

$ 

Tcl/Tk Workshop 

Tulv '95 

29 

34 

$ 

20 

$ 

Obiect-Oriented Technoloeies (COOTSUn '95 

18 

24 

$ 

9 

$ 

Mobile Computing 

Apr. '95 

18 

24 

$ 

9 

$. 

OS Design and Implementation 

Nov. '94 

20 

27 

$ 

11 

£ 

Very High Level Languages 

Oct. '94 

23 

30 

$ 

10 

s 

High-Speed Networking 

Aug. '94 

15 

20 

$ 

9 

$ 

UNIX Applications Development 

April '94 

15 

20 

$ 

9 

$ 

Mobile Computing 

Aug. '93 

15 

20 

$ 

8 

$ 

File Systems 

May '92 

15 

20 

$ 

9 

$ 

UNIX Transaction Processing 

May '89 

12 

12 

$ 

8 

$ 

Software Management 

Apr. '89 

20 

20 

$ 

15 

$ 

UNIX & Supercomputers 

Sept. '88 

20 

20 

$ 

10 

$ 

SAGE Short Topics System Administration Series 






Short Topics System Administration Series 






#1: Job Descriptions for System Administrators 

5 

7.50 

i $ - - 

3.50 

$ 


Discounts are available for bulk orders. Please inquire. 

you are paying member price, please include member's name and/or 
membership number^_ , , __ 


Total price of Proceedings 
Calif, residents add sales tax 
Total overseas postage 
Total enclosed 


PAYMENT OPTIONS’" 

_Check enclosed- payable to USENIX Association Account # _Exp.Date 

_ Charge my: _ VISA _ MC Signature_ 

_ Purchase order enclosed 

* Outside the USA? Please make your payment in US currency by one of the following: 

- Check - issued by a local branch of a US Bank 

- Charge (VISA, MasterCard, or foreign equivalent) 

- International postal money order 

• If you are not a member and wish to receive our membership information packet, please check this box. I I 

Shipping Information Ship to: 

Please allow 2-3 weeks for delivery. Overseas orders_ 

are shipped via air printed matter. Please mail or fax 
this order form with payment to: 


USENIX Association • 2560 Ninth Street • Suite 215 • Berkeley, CA • 94710 • TEL 510-528-8649 • FAX 510-548-5738 


DECEMBER 1995 75 







LOCAL USER GROUPS 


The Association will support local user 
groups by doing a mailing to assist in 
the formation of a new group and pub¬ 
lishing information on local groups in 
:login:. At least one member of the 
group must be a current member of the 
Association. Send additions and correc¬ 
tions to; <login@usenix.org>. 

California 

Fresno: The Central California 
UNIX Users Group has a WWW 
contact page to which members 
may post questions or information. 
For connection information: 

• Steve Mitchell 
209 278 5675 

< http :lfwarpig. catL csufresno. edul 
ccuuglccuug.html> 

Orange County: Meets the 2nd 
Monday of each month 

• UNIX Users Association of 
Southern California 
Dave Close 

714 434 7359 

<dhclose@alumni,caltech.edu> 

New Horizons Computer 

Learning Center 

1231 E. Dyer Rd., Suite 140 

Santa Ana, CA 92705 

714 438 9440 

Colorado 

Boulder: Meets monthly at differ¬ 
ent sites; for membership informa¬ 
tion and meeting schedule, send 
email to <fruug-info@fruug,org>. 

• Front Range UNIX Users Group 
Lone Eagle Systems Inc. 

636 Arapahoe #10 
Boulder, CO 80302 
Steve Gaede 
303 444 9114 
<gaede@fruug.org> 

<http:H www.fruug.orgl ^fruug> 

Washington, D.C. 

Meets 2nd Tuesday of each month. 

• Washington Area UNIX Users 
Group 

10440 Shaker Drive, Suite 103 
Columbia, MD 21046 
Alan Fedder 
301 621 5500 
< afedder@mcsp. com > 


Florida 

Coral Springs: 

• S. Shaw McQuinn 
305 344 8686 

8557 W. Sample Road 
Coral Springs, FL 33065 

Melbourne: Meets the 3rd Monday 
of every month. 

• Space Coast UNIX User’s Group 
Steve Lindsey 

407 242 4766 
<lindsey@vnet. ibm.com> 

Orlando: Meets the 3rd Thursday of 
each month. 

• Central Florida UNIX Users Group 
Mikel Manitius 

407 384 4644 

<mikelmanitius@east.sun.com> 

Western: Meets 1st Thursday of 
each month. 

• Florida West Coast UNIX Users 
Group 

Mike Delucia 
813 882 0770 
<pfl @cftnet.com> 

Georgia 

Atlanta: Meets on the 1st Monday of 
each month in White Hall, Emory 
University, 

• Atlanta UNIX Users Group 
RO. Box 12241 
Atlanta, GA 30355-2241 
Mark Landry 404 365 8108 

Kansas or Missouri 

Meets on 2nd Tuesday of each 
month. 

• Kansas City UNIX Users Group 
(KCUUG) 

RO. Box 412622 
Kansas City, MO 64141 
816 891 1093 
<richj@northcs. cps. com> 

Michigan 

Detroit/Ann Arbor: Meets on the 
2nd Thursday of each month in Ann 
Arbor. 

• Southeastern Michigan Sun Local 
Users Group and Nameless UNIX 
Users Group 

Steve Simmons’ office: 313 769 
4086 

home: 313 426 8981 
<scs@lokkur.dexter.mi. us> 


Minnesota 

Minneapolis/St. Paul: Meets the 1st 
Wednesday of each month. 

• UNIX Users of Minnesota 
17130 Jordan Court 
Lakeville, MN 55044 
Robert A. Monio 

612 220 2427 

<pnessutt@dmshq.mn.org> 

Missouri 

St. Louis: 

• St. Louis UNIX Users Group 

RO. Box 2182 St. Louis, MO 63158 
Terry Linhardt 
314 772 4762 
<uunet!jgaltstl!terry> 

Nebraska 

Omaha: Meets monthly. 

• /usr/group/nebraska 
RO. Box 31012 
Omaha, NE 68132 
Phillip Allendorfer 
402 423 1400 

New England 

Northern: Meets monthly at different 
sites. 

• Peter Schmitt 603 646 2085 
Kiewit Computation Center 
Dartmouth College 
Hanover, NH 03755 
<peter.schmitt@dartmouth.edu> 

New Mexico 

Albuquerque: ASIGUNIX meets every 
3rd Wednesday of each month. 

• Phil Hortz 505 275 0466. 

New York 

New York City: Meets every other 
month in Manhattan. 

• Unigroup of New York City 
G.P.O. Box 1931 

New York, NY 10116 
<uniboard@unigroup.org> 

J.R Radley 212 877 0440 


76 ;login: vol . 20 . no . 6 



Oklahoma 

T\ilsa: Meets 2nd Wednesday of each 
month. 

• Tulsa UNIX Users Group, $USR Bill 
Hunt 918 494 4848 
<bhunt@tulsix.utulsa,edu> 

Mark Lawrence 918 749 7498 
<lawrence@tulsix, utulsa.edu> 

Texas 

Austin; Meets 3rd Thursday of each 
month. 

• Capital Area Central Texas UNIX 
Society (CACTUS) 

RO. Box 9786 
Austin, TX 78766-9786 
Ronald S. Woan 
512 838 1254 
<president@cactus.org> 
<http:Hcactus.org> 

Dallas/Fort Worth: Meets the 1st 
Thursday of each month. 

• Dallas/Fort Worth UNIX Users 
Group 

RO. Box 867405 
Plano, TX 75086 
Evan Brown 214 519 3577 
<evbrown@dsccc. com> 

Houston: Meets 3rd Tuesday of each 
month. 

• Houston UNIX Users Group 
(Hounix) answering machine 
713 684 6590 

Jack Gilbert, President 
713 862 3637 
< jack@hounix.org> 

Washington 

Seattle; Meets monthly. 

• Seattle UNIX Group Membership 
Bill Campbell 206 947 5591 
6641 East Mercer 

Mercer Island, WA 98040-0820 
<bill@celestial com> 

Canada 

Manitoba: Meets 2nd Tuesday of 
each month. 

• Manitoba UNIX User Group 
(MUUG) RO. Box 130 

St. Boniface Winnipeg, 

MB R2H 3B4 

Bary Finch, President 

204 934 1690 <info@muug.mb.ca> 


Ottawa: 

• The Ottawa Carleton UNIX Users 
Group 

David J. Blackwood 
613 957 9305 
<dave@revcan.ca> 

Toronto: 

•143 Baronwood Court 
Brampton, Ontario 
Canada L6V 3H8 
Evan Leibovitch 

416 452 0504 <evan@telly.on.ca> 

Quebec: Meets first Wednesday every 
3rd month. 

• Administrateurs de Systeme 
UNIX du Quebec (ASUQ) 
Universite de Montreal, 

Dept. IRO 

C.R 6128, Succ. Centre-Ville 
Montreal, Quebec, Canada, 

H3C 3J7 
514 343 7480 

<asuq@iro. umontreal. com> 


System Administration 
Groups 

Back Bay LISA (BBLISA) 

New England forum covering all aspects 
of system and network administration, 
for large and small installations. Meets 
monthly, at MIT in Cambridge, MA. 

For information, contact: 

•J. R. 01droyd617 227 5635 
<jr@opaLcom> 

• Mailing list subscription: 
<bblisa-request@bblisa.org> 

• Mailing list postings: 
<bblisa@bblisa.org> 

• For current calendar of events: 
finger <bblisa@finger,bblisa.org> 


Bay USA (California) 


Meets 3rd Thursday of each month at 
Synopsys in Mountain View, CA For 
more information, please contact: 
<blw@baylisa.org> or 
<http: U WWW. bay lisa, org > 


LOCAL USER GROUPS 

dc.sage (Metropolitan 
Wasnington, X>.C.) 

“Users can be a friend of the system 
administrator, but they will never be able 
to be a peer.” We’re here to meet, inter¬ 
act, support, leverage, and otherwise 
make your vocation a more fruitful one. 
For more information, send “info dc- 
sage” to <majordomo@mrj.com> 

Ken Mayer <kmayer@mrj.com> 

$GROUPNAME (New Jersey) 

SGROUPNAME is an organization in New 
Jersey formed to facilitate information 
exchange pertaining to the field of UNIX 
system administration. For more informa¬ 
tion, send “infogroupname” to 
<majordomo@plts.org> 

Tom Limoncelli <tal@big.att.com> 

New York Systems 
Administrators (NYSA) 

Meets 2nd Monday of each month. 

• <nysa-request@esm.com> 

914 472 3635 or 472 3635 

North Carolina ^stem 
Administrators Group 

The North Carolina System Administra¬ 
tors Group meets on the 2nd Monday 
each month around the Research Triangle 
Park area. 

• Amy Kreiling 919 962 1843 
<kreiling@cs. unc. edu> 

• William E. Howell 919 941 4868 
<william_howell@glaxo. com> 


DECEMBER 1 995 ;login : 77 



CALENDAR OF EVENTS 


ACM: 

Association for Computing Machinery 

AFUU: 

Association of French UNIX Users 


ASPLOS: 

Architectural Su^ort for Programming 
Languages and Operating Systems 

AUUG: 

Australian UNIX Systems Users Group 

COOTS: 

Conference on Object-Oriented 
Technologies 


DECUS: 

Digital Equipment Computer Users Society 

EurOpen: 

Europeon Forum for Open Systems 

FSF: 

Free Software Foundation 


GURU: 

Romanian UNIX User Group 

GUUG: 

German UNIX Users Group 

IEEE: Institute of Electrical and 
Electronics Engineers 


IETF: 

Internet Engineering Task Force 


JUS: 

Japan UNIX Society 

USA: 

USENIX/SAGE Systems Administration 
Conference 


OOPSLA: 

Object-oriented Programming 
Systems, Longuoges and Applications 

OSDI: 

Symposium on Operating Systems 
Design & Implementation 

ROSE: 

Open Systems in Romania 

SANS: 

System Administration, Networking 
^ Security 

SIGPLAN: 

ACM Special Interest Group on 
Programming Languages 

SIGSOFT: 

ACM Special Interest Group on 
Software Engineering 

SOSP: 

ACM Symposium on Operating Systems 
principles 

SUG: 

Sun User Group 

SUUG: 

Society of Russia UNIX Users Group 

UKUUG: 

United Kingdom UNIX Systems 
Users Group 

UniForum: 

International Association of 

UNIX and Open Systems Professionals 

WITl: 

International Network of 
Women in Technology 


This is a combined calendar of conferences, symposia, and stan¬ 
dards meetings. If you have a event that you wish to publicize, 
please contact <login@usenix.org>. 

* = events sponsored by the usenix Association. 


1995 

December 

2 - 7 DECUS, San Francisco, CA 

3 - 6 SOSP, Colorado 

3 - 8 ACM/IEEE-CS Supercomput¬ 

ing ‘95, San Diego, CA 

4 - 8 IETF, Dallas, TX 

6-8 JUS UNIX Fair, Yokohama, Japan 
11-14 4th World Wide Web 

Conference, Boston, MA 
19-20 UKUUG, York, UK 

1996 

January 

22 - 26 * USENIX, San Diego, CA 

February 

2- 5 Freely Redistributable Software 

Conference, FSF, Cambridge, MA 
14-16 UniForum, San Francisco, CA 

March 

4- 8 IETF, Los Angeles, CA 

April 

3- 4 NetWorld-i-Interop ‘96, Las Vegas, 

NV 

May 

5- 10 IEEE Symposium on Research 

and Privacy, Oakland, CA 
13-17 SANS V, Washington, DC 
18-24 DECUS, Orlando, FL 

June 

1 - 6 DECUS, ‘96 St. Louis, MO 
10-14 NetWorld-t-Interop ‘96, Frankfurt, 
Germany 

17 - 21* COOTS II, Toronto, Canada 

July 

10-13 *Tcl/Tk, Monterey, CA 
22 - 25 *6th UNIX Security, San Jose, CA 
22 -2 6 NetWorld-i-Interop ‘96, Tokyo, 
Japan 

August 

4 - 9 SIGGRAPH, New Orleans, LA 
5-9 Interex ‘96, San Diego, CA 


September 

16-20 NetWorld-i-Interop ‘96, Atlanta, 
GA, 

30- 

Oct 4* LISA ‘96, Chicago, IL 

AUUG, Melbourne, Australia 

October 

1 - 4 ASPLOS, Cambridge, MA 

6- 11 OOPSLA ‘96, San Jose, CA 

7- 11 NetWorld-i-Interop ‘96, Paris, 

France 

8 - 10 UNIX Expo, New York City 
28- 

Nov 1 NetWorld-i-Interop ‘96, 

London, England 
29- 

Nov 1* OSDI II, Seattle, WA 

November 

4-8 Open Systems World, FedUNIX 
9-14 DECUS, Anaheim, CA 
18-22 ACM lEEE-CS Supercomputing 
‘96, Pittsburgh, PA 

25 - 29 NetWorld-i-Interop ‘96, Sydney, 
Australia 

December 

JUS UNIX Fair 

1997 

January 

6 - 10 * USENIX, Anaheim, CA 

March 

12-14 UniForum, San Francisco, CA 

October 

27-31* LISA ‘97, San Diego, CA 

1998 

June 

15 - 19 * USENIX, New Orleans, LA 

December 

7 - 11 * LISA ‘98, Boston, MA 

JUS UNIX Fair 



USE NIX 1996 Technical Conference 

January 22-26,1996 

San Diego Marriott Hotei and Marina 

San Diego, Caiifornia 

Sponsored by the USENIX, the UNIX® and Advanced Computing Systems 
Professional and Technical Association 


If these lollies are important to you; 


■ System administration 

■ Web administration 

■ Network management 

■ Performance measurement 

■ Benchmarking 

■ System and network security 

■ Firewalls 

■ Privacy 

■ Cryptography 

■ Java 

■ Linux 

■ Distributed computing; DCE, 
DFS, RPC, CORBA 

■ Kernel internals: 4.4BSD, 
FreeBSD, Plan9, Spring 


■ Videoconferencing 

■ Portability and interoperability 

■ DNS 

■ GUI technologies and builders 

■ File systems 

■ Operating Systems 

■ Networked Collaborative 
Environments 

■ Making money with free software 

■ Re-engineering the Fortune 500 

■ Governance of the Internet 

■ Tcl/Tk 


then plan to attend the USENIX 19S6 Technical Conferenr 
in San Oiego. 


Over 70 tutoriais, refereed paper presentations, invited taiks, BoFs and 
Guru-is-tn sessions offered by top experts with hands-on experience. 
Free admission to the Vendor Dispiays. 


Please send: □ a free conference catalog □ information about exhibiting 
□ a FREE entry form for the Vendor Display 


Name 


Company 

Address 


City State Zip 

Phone Fax Email 

Postal Mail: USENIX, 22672 Lambert Si, Suite 613, Lake Forest, CA 92630 

Phone: 714 588 8649 

Fax: 714 588 9706 

Email: conference@u5en'ix.org 

WWW; http://www.usenix.org 

UNIX is a registered trademark in the United Statee and other countries, licensed exclusively 
through X/Open Company Limited 
















SECOND CLASS POSTAGE 

PAID 

AT BERKELEY, CALIFORNIA 
AND ADDITIONAL OFFICES 


USENIX Association 
2560 Ninth Street 
Suite 215 

Berkeley, CA 94710 



POSTMASTER: 

SEND ADDRESS CHANGES 
TO ;login: 

USENIX ASSOCIATION 
2560 NINTH STREET 
SUITE 215 

BERKELEY, CA 94710 


' Register to attend the USENIX Technical Conference by 
December 15. 

• Reserve your exhibit space today at the Vendor Display. 

January 22-26,1996 
San Diego Marriott Hotel 
San Diego, California 

3 Easy Ways for More Information: 

1. Phone: 510 528-8649 

2. Fax: 510 548-5738 

3. Email: display@usenix.org 





